Exchange 2016/2019 support ending in October: Plan your Exchange Server SE migration now and avoid risks

Red alert for your IT security! On 14 October 2025, Microsoft will discontinue support for Exchange 2016 and 2019. For on-premises and hybrid environments, this means no more security updates. The risk of serious cyber attacks, data loss and system failures will increase dramatically.

The successor version, Exchange Server Subscription Edition (SE), will not be released until the second half of 2025 – so there is not much time to react.

In this article, you will learn why updating to Exchange Server SE is essential, what risks are associated with discontinuing updates, what steps are required to migrate to Exchange Server SE, and what alternatives are available, such as Exchange Online and Delos Cloud.

Deadline: End of support for Exchange 2016 and 2019

On 14 October 2025, Microsoft will finally discontinue extended support for Exchange Server 2016 and 2019. This means that after this date, no security updates, bug fixes or technical support will be available for these versions. But why is operating an outdated Exchange environment so problematic, and what risks does it entail?

Microsoft Exchange servers are frequently targeted by active threats, and recent years have shown how important regular updates are. A few examples illustrate how dangerous security vulnerabilities in Exchange environments can be:

  • HAFNIUM attacks (2021): This large-scale attack on on-premises Exchange servers affected thousands of companies worldwide, causing data leaks, manipulation and costly system failures.
  • ProxyShell/ProxyLogon security vulnerabilities (2021): Critical exploits that allowed cybercriminals to gain access to Exchange servers. These incidents emphasise the importance of installing security updates immediately.
  • NTLM relay attack vulnerability (2024): This vulnerability allowed attackers to use a relay to read users' login credentials and take over their accounts.

As these examples show, the risk of attacks and data loss increases dramatically without security updates – a scenario that no company can afford. The secure operation of an email server is now essential in all industries. At the beginning of 2024, the BSI published a report showing that more than 17,000 instances of Exchange servers in Germany were vulnerable to exploits at that time.

So if your company still uses Exchange on-premises solutions (Exchange 2016 or Exchange 2019) – whether as a primary system or as a hybrid server – now is the right time to take action and develop a strategy for the switch.

What does the new Exchange Server Subscription Edition (SE) offer?

With the upcoming Exchange SE, Microsoft is introducing a completely new concept for on-premises Exchange Server: the subscription model (Subscription Edition). The traditional release of major versions will be discontinued. Instead, the SE version will be continuously updated, including security updates and feature enhancements.

Key features of Exchange Server SE:

  • Flexible licensing model: Costs are transparent and predictable thanks to the subscription model. In addition to the client access licences (CALs) and server licences previously required, Exchange SE also requires an active subscription. This can be either a cloud subscription (e.g. Microsoft 365 E3 or E5) or an Exchange SE licence with Software Assurance (SA). Depending on the licence model used previously, additional costs of between 10% and 20% are therefore to be expected.
  • Continuous updates: No more major version jumps – new features and security updates are delivered as updates upon release. Microsoft explicitly states that new features will continue to be implemented in Exchange with Exchange SE starting with CU1 and beyond. However, no major new features have been announced for Exchange SE itself.
  • Hybrid compatibility: Optimally tailored for integration with Microsoft 365. If you do not provide mailboxes in your on-premises environment, the Hybrid Configuration Wizard (HCW) also offers a licence for Exchange SE. In addition, a Software Assurance (SA) or Microsoft 365 E3 / E5 licence is also required for Exchange SE in this case.
  • More modern security standards: Support for protocols such as OAuth 2.0, TLS 1.3 and modern authentication.

Microsoft's goal is to provide businesses with a stable and future-proof platform without the need for migrations between complete product generations. This means that you will only have to perform a major migration of your Exchange on-premises infrastructure once. All future steps should then be possible via updates.

Challenges and time pressure during migration

Migrating to Exchange Server SE presents companies with a number of challenges – primarily due to the tight time frame:

  • Release of Exchange SE: Microsoft has now confirmed that the new version will be released in July 2025, which is very close to the end of support for Exchange 2016/2019 in October.
  • Potential risks due to bugs: Historically, new Exchange versions often have significant bugs in the first few months that are only fixed in subsequent updates. Relying on the SE version immediately after release could therefore be risky.
  • Complexity of migration projects: Migrating an Exchange server is time-consuming. Planning, testing and coordination must be taken into account – time that is severely limited by the tight time frame.

    Our recommendation: Don't wait for Exchange Server SE! The time window for a smooth transition is too short, especially if unexpected problems arise. Taking action now is crucial to minimise risks and ensure the security of your IT.

    Recommended procedure for migration

    We recommend the following steps for migrating to Exchange Server SE, based on Microsoft's recommendations:

    1. Analyse the current environment: First, you should check what requirements exist and whether the existing infrastructure is suitable for the transition.
    2. Upgrade to Exchange 2019: Companies still using Exchange 2016 or older versions should first upgrade to the current Exchange 2019 version. This is the only way to easily install Exchange Server SE via an in-place upgrade starting in July. Anyone still running Exchange Server 2016 at the time of release will have to perform a complex migration to Exchange SE within a short period of time.
    3. Prepare a hybrid environment: Like its predecessors, Exchange SE is optimally designed for hybrid scenarios with Microsoft 365. So if you want to use Exchange Online in the future, you should start setting up a hybrid environment now. This can make the transition to Exchange SE easier later on.
    4. Continuous monitoring and test phase: Even before Exchange SE becomes available, you should set up mechanisms to test the new platform as early as possible.

    Planning a migration project requires resources, expertise and time – so we recommend not leaving it until the last minute.

    What are the alternatives?

    Despite the advantages of Exchange Server SE, alternatives often make sense – especially if you want to take action now. Two common options are:

    1. Migration to Exchange Online: Exchange Online offers a fully cloud-based solution that is regularly updated and ensures optimal security and scalability. For companies with lower on-premises requirements, this could be the most secure and cost-effective solution.
    2. Migration to alternative platforms such as Delos Cloud: Delos Cloud is a new sovereign cloud that enables public sector clients in Germany to use a secure and regulated cloud. The services offered there include Office 365 services (including Exchange Online) and Microsoft Azure services, with further solutions from renowned software providers to be added in the future.

      Some sovereignty features are:

      • Physically separated from Microsoft
      • Customer data remains in Germany
      • Operated by a German cloud service provider
      • Functionality and self-sufficiency remain guaranteed in the event of a crisis

        • Claranet supports you in evaluating both options and helps you determine which solution best fits your IT strategy.

        Conclusion: What matters now?

        The end of support for Exchange 2016 and 2019 is forcing companies to act quickly. Whether you are switching to Exchange Server SE, migrating to Exchange Online or looking for alternative solutions, the most important priority is to plan and implement before the window of opportunity closes.

        Secure your Exchange future after 2025

        The end of support for Exchange 2016/2019 in October 2025 is fast approaching. Act now to avoid serious security risks and system instability and future-proof your email communications.

        Benefit from Claranet's many years of experience in planning and executing complex Exchange migrations. We help you overcome the challenges and find the solution that's right for you.

        How to secure your IT environment:

        Deepen your knowledge & get a concrete roadmap:
        Take part in our free webinar: Exchange 2016 & 2019 goodbye. In two hours, you will receive all the important information about risks, possible options (Exchange SE, Online, alternatives) and benefit from a detailed roadmap for your migration.

        Webinar: Exchange 2016 & 2019 goodbye: Your options and the time factor

        Act now to ensure secure and future-proof email communication and avoid the risks of support ending in 2025.