Patch tracker / KB5071876
KB5071876
Microsoft security update released 2025-12-09. Fixes 2 CVEs.
High
Download KB5071876
Get the official update for KB5071876. The download and file size for each supported product are on the Microsoft Update Catalog page.
Update summary
Released
2025-12-09
CVEs fixed
2
Max CVSS
7.5
Severity
High
Exploitation and severity
Fixes 2 CVEs. Most severe CVSS 7.5 (High). EPSS exploit probability up to <1%.
Among the lower half of tracked Microsoft updates by EPSS exploit probability.
What to do
Moderate priority: schedule it in your normal patch cycle. Senserva flags whether KB5071876 is missing on your devices.
CVEs fixed by this update
Affected products
- Microsoft Exchange Server 2016 Cumulative Update 23
- Microsoft Exchange Server 2019 Cumulative Update 15
- Microsoft Exchange Server Subscription Edition RTM
See this and every Microsoft update ranked by real-world risk on the Microsoft Patch Tracker.