Exchange Updates – March 2018

Ex2013 LogoThe Exchange Team released the March updates for Exchange Server 2013 and 2016, and these Cumulative Updates contain a ton of fixes. Like the earlier Cumulative Updates for Exchange 2013 and Exchange 2016, and in addition to the fixes – see below – these Cumulative Updates contain the following important changes:

  • Support for .NET Framework 4.7.1. Be advised that .NET Framework 4.7.1 will be required for the next cycle of quarterly updates, which will be released in June 2018.
  • Full support for TLS 1.2. More information and guidance here.

On a smaller note, Exchange 2010 Service Pack 3 Rollup 20 was also released, which contains two security fixes CVE-2018-0924 and CVE-2018-0940, as well as DST changes.

Version Build KB Article Download UMLP Schema Changes
Exchange 2016 CU9 15.1.1466.3 KB4055222 Download UMLP No
Exchange 2013 CU20 15.0.1367.3 KB4055221 Download UMLP No
Exchange 2010 SP3 RU20 14.3.389.1 KB4073537 Download

Exchange 2016 CU9 fixes:

  • 4054513 Mailbox usage status bar in OWA displays incorrect mailbox usage
  • 4055433 User is added to an entire series when accepting a single instance through Exchange ActiveSync
  • 4057216 Health mailbox’s password is exposed in logs for a failed probe in Exchange Server 2016 and 2013
  • 4058373 “A parameter cannot be found” error when you run Install-AntiSpamAgents.ps1 in Exchange Server 2016 CU7
  • 4058379 All cross-forest meeting updates have to be accepted again in Exchange Server 2016 and 2013
  • 4058383 Exchange Control Panel (ECP) redirection fails in Exchange Server 2016
  • 4058384 Get-CalendarDiagnosticAnalysis shows DateTime in 12-hour clock in Exchange Server 2016 and 2013
  • 4058399 Disabling a mailbox can’t remove legacyExchangeDN from user’s properties in Exchange Server 2016
  • 4073094 Emails outside a UID range are returned when you request for emails by using IMAP
  • 4073095 “550 5.6.0 CAT.InvalidContent.Exception” and email isn’t delivered in Exchange Server 2016 and 2013
  • 4073104 PIN can be reset on a Unified Messaging (UM)-enabled mailbox for a user outside a scoped OU
  • 4073103 The Enable-Mailbox cmdlet doesn’t block migrated users from provisioning in Exchange Server 2016
  • 4073107 Language can’t be changed when a user from a child domain tries to change language in OWA
  • 4073111 Can’t access a CAS website such as OWA/ECP/Autodiscover in Exchange Server 2016
  • 4073110 You can’t access OWA or ECP after you install Exchange Server 2016 CU8
  • 4073109 Search-MailboxAuditLog -ShowDetails not showing all messages in Exchange Server 2016
  • 4073114 “ADOperationException” error when OWA text verification fails in Exchange Server 2016
  • 4073214 Can’t enable OWA offline access in Exchange Server 2016
  • 4073531 CultureNotFoundException when selecting a LCID 4096 language in OWA for Exchange Server 2016
  • 4076520 MatchSubdomains isn’t usable for Set-AcceptedDomain in Exchange Server 2016
  • 4076741 Incorrect NDR when an administrator deletes a message from a queue in Exchange Server 2016
  • 4077655 Event ID 258 “Unable to determine the installed file” after you uninstall Windows PowerShell 2.0
  • 4057290 Incorrect user is returned in the ECP when one user’s display name matches another user’s alias
  • 4058372 Blank page in Exchange Admin Center Audit Log in Exchange Server 2016
  • 4058382 Can’t retrieve time slot information about private calendar items as a delegate on another user’s account in Exchange Server 2016
  • 4058401 Administrator audit logging does not record Set-ServerComponentState cmdlet details in Exchange Server 2013 or 2016 environment
  • 4073097 Monitoring probes of ECP.Proxy health checks fail on all CAS roles in Exchange Server 2013 and 2016
  • 4073098 The ETS and EXS groups are incorrectly granted “SeDebugPrivilege” in Exchange Server 2016 on-premises
  • 4073108 “There was a problem loading your options” error when a user accesses OWA Voice Mail options in Exchange Server 2016
  • 4077924 Store Worker process crashes when you move, restore, or repair mailboxes that have issues with the logical index within the database in Exchange Server 2016
  • 4091453 Update improves linguistics features and CJK handling for search in Exchange Server 2016
  • 4073392 Description of the security update for Microsoft Exchange: March 13, 2018

Exchange 2013 CU20 fixes:

  • 4073392 Description of the security update for Microsoft Exchange: March 13, 2018
  • 4073094 Emails outside a UID range are returned when you request for emails by using IMAP
  • 4073097 Monitoring probes of ECP.Proxy health checks fail on all CAS roles in Exchange Server 2013 and 2016
  • 4057216 Health mailbox’s password is exposed in logs for a failed probe in Exchange Server 2016 and 2013
  • 4058384 Get-CalendarDiagnosticAnalysis shows DateTime in 12-hour clock in Exchange Server 2016 and 2013
  • 4057290 Incorrect user is returned in the ECP when one user’s display name matches another user’s alias
  • 4055433 User is added to an entire series when accepting a single instance through Exchange ActiveSync
  • 4058401 Administrator audit logging does not record Set-ServerComponentState cmdlet details in Exchange Server 2013 or 2016 environment
  • 4073095 “550 5.6.0 CAT.InvalidContent.Exception” and email isn’t delivered in Exchange Server 2016 and 2013
  • 4058379 All cross-forest meeting updates have to be accepted again in Exchange Server 2016 and 2013
  • 4073093 Save issues occur when you use the plain Text Editor in OWA of Exchange Server 2013
  • 4073096 Emails sent from a shared mailbox aren’t saved in Sent Items when MessageCopyForSentAsEnabled is True

Notes:

  • Exchange 2016 CU7 and later requires Forest Functionality Level 2008R2 or later.
  • Exchange 2016 CU8 and Exchange 2013 CU18 do not contain schema changes compared to their previous Cumulative Update. However, they may introduce RBAC changes in your environment. Use setup /PrepareSchema to manually update the schema, or use /PrepareAD to apply RBAC changes, before deploying or updating Exchange servers. To see if you need to update the schema compared to your version or verify the update has been performed, consult the Exchange schema overview.
  • When upgrading from an n-2 or earlier version of Exchange, or an early version of the .NET Framework, consult Upgrade Paths for CU’s & .NET.
  • When upgrading your Exchange 2013 or 2016 installation, don’t forget to put the server in maintenance mode when required. Regardless, setup will put the server in server-wide offline mode post-analysis, before making actual changes.
  • Using Windows Management Framework (WMF)/PowerShell version 5 or later on anything earlier than Windows Server 2016 is not supported. Don’t install WMF5 on your Exchange servers running on Windows Server 2012 R2 or earlier.
  • When using Exchange hybrid deployments or Exchange Online Archiving (EOA), you are required to stay at most one version behind (n-1).
  • If you want to speed up the update process for systems without internet access, you can follow the procedure described here to disable publisher’s certificate revocation checking.
  • Cumulative Updates can be installed directly, i.e. no need to install RTM prior to installing Cumulative Updates.
  • Once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles.
  • The order in which you upgrade servers with Cumulative Updates is irrelevant.

Caution:

As for any update, I recommend to thoroughly test updates in a test environment prior to implementing them in production. When you lack such facilities, hold out a few days and monitor the comments on the original publication or forums for any issues.

 

Exchange 2013 Cumulative Update 9

Ex2013 LogoThe Exchange Team released Cumulative Update 9 for Exchange Server 2013 (KB3049849). This update raises Exchange 2013 version number to 15.0.1104.5.

Cumulative Update reintroduces configuration of sent items for shared mailboxes, as was possible in Exchange 2010 but wasn’t available in Exchange 2013 yet. More information here.

Next to a security fix for MS15-064, this Cumulative Update contains the following fixes:

  • KB2983216 Category setting on an item in Outlook jumps the selection to the top of the list in an Exchange Server 2013 environment
  • KB2988660 Role assignment with custom write scope fails in an Exchange Server 2013 environment
  • KB3003978 Email messages are displayed with incorrect format in Outlook in an Exchange Server 2013 environment
  • KB3006849 GSSAPI-based Kerberos authentication protocol is not offered to IMAP clients in Exchange Server 2013
  • KB3009631 Advanced Find against the Sent Items folder in Outlook returns no result in Exchange Server 2013
  • KB3032153 Recurring events in Calendar over DST are not adjusted on all ActiveSync devices in all Exchange Server environments
  • KB3040681 MapiExceptionTimeout error during a hierarchy synchronization process of multiple public folders in Exchange Server 2013
  • KB3040683 System WLM overrides do not work when you do on-premises installations in Exchange Server 2013
  • KB3049081 OwaDeepTestProbe probe fails intermittently on a server that installs the Mailbox server role in Exchange Server 2013
  • KB3049771 Outlook Web App logon page takes longer time than expected to time out in an Exchange Server 2013 environment
  • KB3050825 EdgeTransport.exe starts to crash when PriorityQueuingEnabled is set to “True” in Exchange Server 2013
  • KB3050877 Emails that are sent as a secondary mailbox are not saved in the delegate’s Sent Items folder in Exchange Server 2013
  • KB3055940 “Object reference not set to an instance” error when you install cumulative update in Exchange Server 2013
  • KB3056045 “Cannot find Template User object” error when you find contacts that use a consumer domain in Exchange Server 2013
  • KB3056133 Exchange Server 2013 Activation time of transport rule is not displayed in UTC time
  • KB3056413 SMTP connection fails when you log on with a child domain account and use NTLM authentication in Exchange Server 2013
  • KB3056817 Update adds the Let me select the message option in Outlook Web App in an Exchange Server 2013 environment
  • KB3056822 Dynamics CRM 2013 stops synchronizing items from mailbox in an Exchange Server 2013 environment
  • KB3060825 The MSExchangeDelivery service crashes when you receive an email message from a specific sender in Exchange Server 2013
  • KB3064393 “Bad Command. 12” error and IMAP CAPABILITY commands are not offered in an Exchange Server 2013 co-existence environment
  • KB3068681 RPC encryption requirement is re-enabled for RPC Client Access Service after you upgrade server in Exchange Server 2013
  • KB3069060 Recurring meetings are accepted when their time conflicts on the same room mailbox in Exchange Server 2013
  • KB3069501 Duplicate folders are created after a mailbox move in Exchange Server 2013 Enterprise
  • KB3071427 Outlook Web App still downloads web beacon contents when you forward email messages in Exchange Server 2013

Notes:

  • If the new Set-Mailbox parameters for Sent Items configuration, i.e. MessageCopyForSentAsEnabled and MessageCopyForSendOnBehalfEnabled, are not available after installing this CU, run Setup /PrepareAD /IAcceptExchangeServerLicenseTerms explicitly.
  • When using Exchange hybrid deployments or Exchange Online Archiving (EOA), you are required to stay current.
  • Previously released CU7 introduced changes to prevent restoration of pre-CU7 databases. Pre-CU7 users are advised to perform a full backup post-upgrade to CU7 or later.
  • Previously released CU7 added support for hierarchies containing 250,000 modern public folders. Consult this article for co-existence scenarios.

This Cumulative Update does not include schema or Active Directory changes when compared to Cumulative Update 7. If you have deployed a version earlier than CU7, make sure you run PrepareSchema /PrepareAD.  If you want to speed up the Cumulative Update installation process, you can temporarily disable certificate revocation checking as described here.

Note that Cumulative Updates can be installed directly, i.e. no need to install RTM prior to installing Cumulative Updates. Note that once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles. The order of upgrading servers is irrelevant, unlike with previous generations of Exchange.

Finally, and I can’t emphasize this enough: For any Hotfix, Rollup, Service Pack or Cumulative Update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production. When you lack such facilities, hold out a week or two and monitor the comments on the release article or TechNet forum for any issues.

You can download Exchange 2013 Cumulative Update 8 here; UM Language Packs can be found here.