UPDATE: The MS13-061 security update for Exchange 2013 CU1 & CU2 has been pulled until further notice. Microsoft recommends not installing MSI13-061 at the moment and disable Data Loss Prevention and WebReady as described in the Oracle Outside In Contains Multiple Exploitable Vulnerabilities section in the MS13-061 bulletin.
After some people reported issues after installing the MS13-061 (KB2874216) security update on Exchange 2013, it turns out MS13-061 breaks your installation of Exchange 2013 and you can experience the following symptoms:
- The Microsoft Exchange Search Host Controller service is missing;
- You see a new service named “Host Controller service for Exchange”;
- Content index (CI) for mailbox databases shows Failed on affected server.
This is described in KB2879739 including the ‘workaround’, which is consists of three steps:
- Set HKLM\SOFTWARE\Microsoft\Search Foundation for Exchange\Data Directory to $exinstall\Bin\Search\Ceres\HostController\Data (REG_SZ), where $exinstall is the installation folder of your Exchange 2013 installation folder, e.g. C:\Program Files\Microsoft\Exchange Server\V15\Bin\Search\Ceres\HostController\Data;
- Set HKLM\SYSTEM\CurrentControlSet\Services\HostControllerService\DisplayName=”Microsoft Exchange Search Host Controller” (REG_SZ);
- Set HKLM\SYSTEM\CurrentControlSet\Services\HostControllerService\DependOnService=”http” (REG_MULTI_SZ);
- (Re)start the “Microsoft Exchange Search Host Controller” service.
For your convenience, I’ve create a small quick & dirty script as a potential time saver (as far as you can call a three-liner a script and don’t expect extensive error handling as well). This script Workaround-KB2879739.ps1 performs the steps described in the KB2879739 so you can run it right after deploying MS13-061 / KB2874216 on your Exchange 2013 server.
You can download the script here.