Exchange Updates – September 2021

The Exchange Team released the quarterly Cumulative Updates for Exchange Server 2019 as well as Exchange 2016.

Be advised that these CUs will introduce something which is called the Exchange Emergency Mitigation Service. This service is designed to distribute and implement mitigations addressing potential threats. For this, the URL Rewrite Module needs to be installed on the Exchange server. When you have Exchange running on Windows Server 2012 R2, you will also need an update for the Universal C Runtime (KB2999226). Periodically, the EEM service will reach out to the Office Config Service (OCS) through endpoint https://officeclient.microsoft.com, and update its set of configured mitigations. More on EEM and managing its configuration here.

Links to the updates as well as a description of changes and fixes are described below. The column Schema and AD indicate if the CU contains Schema (/PrepareSchema) and Active Directory (PrepareAD) changes compared to the previous CU. Refer to the Exchange Schema page for schema and related versioning information.

VersionBuildKBDownloadUMLPSchemaAD
Exchange 2019 CU1115.2.986.5KB5005334Download NY
Exchange 2016 CU2215.1.2375.7KB5005333DownloadUMLPNY

Exchange 2019 CU11 fixes:

  • 5006980 Bad signature error using PerfView in Exchange Server 2019 and 2016 (KB5006980)
  • 5006982 On-premises Exchange queues back up because of incorrect default value (KB5006982)
  • 5006983 Exchange Server 2019 and 2016 certificates created during setup use SHA-1 hash (KB5006983)
  • 5006984 PrepareAD fails if Computers container or RODCs are renamed or moved in Exchange Server 2019 and 2016 (KB5006984)
  • 5006986 Opening an Outlook message from the desktop removes line spacing (KB5006986)
  • 5006988 Export of .pst file is unexpectedly triggered again in Exchange Server 2019 and 2016 (KB5006988)
  • 5006989 Accepted domains with wildcards for subdomains are not honored when Edge server maps AddressSpaces (KB5006989)
  • 5006990 Exchange CU installation fails after you configure fallback to use default character set (5006990)
  • 5006991 Mail quota warning messages no longer sent daily in Exchange Server 2019 (KB5006991)
  • 5006992 No room lists found when trying to add a room in OWA in Exchange Server 2019 or 2016 (KB5006992)
  • 5006993 Can’t log on to OWA in Chrome if SSL is offloaded in Exchange Server 2019 and 2016 (KB5006993)
  • 5006994 BCC values not retained in Sent Items in a shared mailbox in Exchange Server 2019 and 2016 (5006994)
  • 5006995 Korean email messages display some recipients incorrectly in Exchange Server 2019 and 2016 (KB5006995)
  • 5006996 Export-AutoDiscoverConfig exposes admin password and does not work against domain controllers that require signing (KB5006997)
  • 5006997 Korean messages in OWA display “From” as “Start date” after you filter the list in Exchange Server 2019 and 2016
  • 5006999 “401” error and Outlook repeatedly prompts for credentials in Exchange Server 2019 (KB5006999)
  • 5007042 Error window appears when you view features in OWA Virtual Directory (KB5007042)
  • 5007043 Exchange Server SU updates Add/Remove Programs incorrectly (KB5007043)
  • 5007044 Start-MailboxAssistant not available in EMS in Exchange Server 2019 (KB5007044)

Exchange 2016 CU22 fixes:

  • 5006980 Bad signature error using PerfView in Exchange Server 2019 and 2016 (KB5006980)
  • 5006982 On-premises Exchange queues back up because of incorrect default value (KB5006982)
  • 5006983 Exchange Server 2019 and 2016 certificates created during setup use SHA-1 hash (KB5006983)
  • 5006984 PrepareAD fails if Computers container or RODCs are renamed or moved in Exchange Server 2019 and 2016 (KB5006984)
  • 5006986 Opening an Outlook message from the desktop removes line spacing (KB5006986)
  • 5006988 Export of .pst file is unexpectedly triggered again in Exchange Server 2019 and 2016 (KB5006988)
  • 5006989 Accepted domains with wildcards for subdomains are not honored when Edge server maps AddressSpaces (KB5006989)
  • 5006992 No room lists found when trying to add a room in OWA in Exchange Server 2019 or 2016 (KB5006992)
  • 5006993 Can’t log on to OWA in Chrome if SSL is offloaded in Exchange Server 2019 and 2016 (KB5006993)
  • 5006994 BCC values not retained in Sent Items in a shared mailbox in Exchange Server 2019 and 2016 (5006994)
  • 5006995 Korean email messages display some recipients incorrectly in Exchange Server 2019 and 2016 (KB5006995)
  • 5006996 Export-AutoDiscoverConfig exposes admin password and does not work against domain controllers that require signing (KB5006997)
  • 5006997 Korean messages in OWA display “From” as “Start date” after you filter the list in Exchange Server 2019 and 2016
  • 5007042 Error window appears when you view features in OWA Virtual Directory (KB5007042)
  • 5007043 Exchange Server SU updates Add/Remove Programs incorrectly (KB5007043)

Notes:

  • If these Cumulative Updates contain schema changes compared to the Cumulative Update you have deployed, you need to run Setup with /PrepareSchema. If they contain Active Directory changes, you need to run /PrepareAD. Alternatively, permissions permitting, you can let Setup perform this step. Consult the Exchange schema versions page for schema and related versioning information.
  • When upgrading from an n-2 or earlier version of Exchange, or an early version of the .NET Framework, consult Upgrade Paths for CU’s & .NET.
  • Don’t forget to put the Exchange server in maintenance mode prior to updating. Regardless, setup will put the server in server-wide offline mode post-analysis, before making actual changes.
  • When using Exchange hybrid deployments or Exchange Online Archiving (EOA), support requires you to trail at most one version (n-1).
  • If you want to speed up the update process for systems without internet access, you can follow the procedure described here to disable publisher’s certificate revocation checking.
  • Cumulative Updates can be installed directly; no need to install RTM prior to installing Cumulative Updates.
  • Once upgraded, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles.
  • The recommended upgrade order is internet-facing, non-internet-facing servers first, followed by Edge Transports.

Caution:

As for any update, I recommend to thoroughly test updates in a test environment prior to implementing them in production. When you lack such facilities, hold out a few days and monitor the comments on the original publication or forums for any issues.

5 thoughts on “Exchange Updates – September 2021

  1. If I choose the unattended installation option IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF
    Is it possible to change it after the installation to DiagnosticDataON for example with powershell?

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.