Microsoft has confirmed that it will release the last two cumulative updates (CUs) for Exchange Server 2019 post-mainstream support. The CU14 update is deferred to a post-January 9, 2024 release date, following the end of the product's mainstream support phase. Furthermore, CU15, which will be the final update provided for Exchange Server 2019, is also expected to be released in 2024.
Understanding Cumulative Updates
Exchange Server 2019 operates under a biannual release schedule for updates, commonly described as H1 and H2 phases, correlating with the first and second halves of the year, respectively. Typically, these updates have been distributed around March and September. Microsoft adheres to this timeframe though not releasing CUs in December due to a prioritization of security updates, which has led to this adjusted schedule.
Extended Support Explained
Historically, mainstream support ending means a freeze on regular updates and only security patches are released under extended support. But in an unusual move acknowledging the needs of organizations, Microsoft has indicated that the cessation of mainstream support does not equate to an immediate stop to all updates. Following the January 9, 2024 end to mainstream support, security updates will continue, but new features and non-security updates will not.
Microsoft further clarifies that while formal requests for bug fixes and design changes (Design Change Requests or DCRs) must be submitted by the mainstream support end date, should there be any issues with the 2024 CUs, Microsoft will tackle them with necessary patches, even after exiting mainstream support phase. Nino Bilic from Microsoft encapsulates the sentiment by stating, “'Extended support' does not mean ‘no support.' It signifies that no new features are to be considered after a specific milestone, yet security updates are still fully supported.”
In essence, Microsoft is setting the expectation that Exchange Server 2019 will receive significant updates next year, which departs from the company's traditional practice and underscores their commitment to security and reliability, extending beyond conventional support timelines.