News

Microsoft's Exchange Server Update Rollout Hits a Snag

Microsoft updated several versions of its Exchange Server product on Tuesday, but later pulled the parts of the release related to Exchange 2013.

An update for Exchange 2013 Cumulative Updates 1 and 2 (CU1 and CU2) was removed from the Microsoft Download Center because of a problem with "critical" security update MS13-061, explained Ross Smith IV, principal program manager for Exchange customer experience, in a Wednesday blog post.

MS13-061, which addresses a potential remote code execution flaw, was released as part of Microsoft's August security patch on Tuesday. It was listed by Microsoft as having "no known issues." However, Smith singled out an issue when it is installed with Exchange 2013.

"Specifically, after the installation of the security update, the Content Index for mailbox databases shows as Failed and the Microsoft Exchange Search Host Controller service is renamed," Smith wrote.

Those organizations using Exchange 2013 that applied MS13-061 can follow the steps in Knowledge Base article KB 2879739 to remedy the situation, according to Smith. The Knowledge Base article indicates changes to make in the registry. Otherwise, if MS13-061 hasn't been applied, then Microsoft is advising deferral and using a workaround described in the MS13-061 security bulletin in the interim.

Other update rollups for Exchange that were released on Tuesday weren't affected by this security patch problem. Microsoft released the following Exchange update rollups at the Microsoft Download Center:

  • Update Rollup 11 for Exchange Server 2007 SP3
  • Update Rollup 7 for Exchange Server 2010 SP2
  • Update Rollup 2 for Exchange Server 2010 SP3

Microsoft has been releasing its Exchange updates on a more frequent basis as part of a planned "increased cadence." The idea is to support organizations that use a hybrid mix of the hosted Exchange Online service along with premises-based Exchange Server by keeping the changes in sync. Microsoft previously has indicated that it plans to deliver updates to Exchange 2013 on a quarterly basis, as part of that faster cadence.

However, many of the monthly delivered update rollups have arrived with problems. Some IT pros have commented in Microsoft's Exchange blog posts that they are wary of applying update rollups as a consequence. While Microsoft claims to test its update rollups before releasing them, Smith admitted that Microsoft didn't test a local server version of Exchange 2013 this time with regard to the MS13-061 security patch.

Smith promised that Microsoft would do local server testing before releasing future Exchange updates. However, he also acknowledged that Microsoft's optimistic release cadence for Exchange might get a second look.

"We will continue to make improvements in our release cadence and testing methodologies over time to ferret out these issues," Smith wrote. "These changes may mean that our once a quarter release cadence for Exchange 2013 may change."

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.

  • Report: Security Initiatives Can't Keep Pace with Cloud, AI Boom

    The increasingly fast adoption of hybrid, multicloud, and AI systems is easily outgrowing existing security measures, according to a recent global survey by the Cloud Security Alliance (CSA) and exposure management firm Tenable.