Microsoft's Exchange Server Update Rollout Hits a Snag
- By Kurt Mackie
- August 14, 2013
Microsoft updated several versions of its Exchange Server product on Tuesday, but later pulled the parts of the release related to Exchange 2013.
An update for Exchange 2013 Cumulative Updates 1 and 2 (CU1 and CU2) was removed from the Microsoft
Download Center because of a problem with "critical" security
MS13-061, explained Ross Smith IV, principal program manager for
Exchange customer experience, in a
Wednesday blog post.
MS13-061, which addresses a potential remote
code execution flaw, was released as part of Microsoft's August
patch on Tuesday. It was listed by Microsoft as having "no known issues."
However, Smith singled out an issue when it is installed with Exchange
"Specifically, after the installation of the security update, the Content
Index for mailbox databases shows as Failed and the Microsoft Exchange
Search Host Controller service is renamed," Smith wrote.
Those organizations using Exchange 2013 that applied MS13-061 can follow
the steps in Knowledge Base article KB
2879739 to remedy the situation, according to Smith. The Knowledge
Base article indicates changes to make in the registry. Otherwise, if
MS13-061 hasn't been applied, then Microsoft is advising deferral and
using a workaround described in the MS13-061 security bulletin in the
Other update rollups for Exchange that were
released on Tuesday weren't affected by this security
patch problem. Microsoft released the following Exchange update rollups at
the Microsoft Download Center:
- Update Rollup 11 for Exchange Server 2007 SP3
- Update Rollup 7 for Exchange Server 2010 SP2
- Update Rollup 2 for Exchange Server 2010 SP3
Microsoft has been releasing its Exchange updates on a more frequent
basis as part of a planned "increased
cadence." The idea is to support organizations that use a hybrid mix
of the hosted Exchange Online service along with premises-based Exchange
Server by keeping the changes in sync. Microsoft previously has indicated
that it plans to deliver updates to Exchange 2013 on a quarterly basis, as
part of that faster cadence.
However, many of the monthly delivered update rollups have arrived with
problems. Some IT pros have commented in Microsoft's Exchange blog posts
that they are wary of applying update rollups as a consequence. While
Microsoft claims to test its update rollups before releasing them, Smith
admitted that Microsoft didn't test a local server version of Exchange
2013 this time with regard to the MS13-061 security patch.
Smith promised that Microsoft would do local server testing before
releasing future Exchange updates. However, he also acknowledged that
Microsoft's optimistic release cadence for Exchange might get a second
"We will continue to make improvements in our release cadence and testing
methodologies over time to ferret out these issues," Smith wrote. "These
changes may mean that our once a quarter release cadence for Exchange 2013
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.