Rollup Redux – Microsoft Releases Updates For Many Exchange Versions

Shortly after Microsoft had to pull the release of Exchange 2010 SP2 RU5 due to issues, a revised RU5v2 has been released, along with RU8 for Exchange 2010 SP1 and also RU9 for Exchange 2007 SP3. This round of RUs comes out just in time for you to test and deploy during the slow parts of the year; assuming of course that you aren’t taking holiday between now and year’s end.

All three include the fix for MS12-080, which addresses a critical security issue in both Exchange 2010 and 2007. Please note, the patch for MS12-080 is available separately from http://technet.microsoft.com/en-us/security/Bulletin/MS12-080. Since this patch does address publicly known vulnerabilities that can be exploited by sending malicious content to an OWA user, it’s essential that all Exchange admins apply at least MS12-080 if not the entire RU. Interestingly, the RUs for 2010 SP1 and 2007 SP3 seem only to address that vulnerability!

Here’s a brief rundown on what the 2010 SP2 RU5v2 addresses.

Exchange 2010 SP2 RU5v2

 

  • 2707146 (http://support.microsoft.com/kb/2707146/ )

IRM-protected messages cannot be returned in search results if the messages are recorded and sent to an external contact in an Exchange Server 2010 environment

  • 2710975 (http://support.microsoft.com/kb/2710975/ )

Some MAPI property objects in an ANSI .pst file contain unreadable characters if you import the file by using the “New-MailboxImportRequest” cmdlet

  • 2712001 (http://support.microsoft.com/kb/2712001/ )

ExTRA.exe does not collect data if you select a scheduled task for a data collection in an Exchange Server 2010 environment

  • 2712595 (http://support.microsoft.com/kb/2712595/ )

Microsoft Exchange RPC Client Access service crashes when you run the New-MailboxExportRequest cmdlet in an Exchange Server 2010 environment

  • 2716145 (http://support.microsoft.com/kb/2716145/ )

Store.exe crashes on an Exchange Server 2010 mailbox server if a VSAPI based antivirus software is used

  • 2717522 (http://support.microsoft.com/kb/2717522/ )

Microsoft Exchange System Attendant service crashes on an Exchange Server 2010 server when you update the OAB that contains a DBCS address list

  • 2720017 (http://support.microsoft.com/kb/2720017/ )

An RBAC role assignee can unexpectedly change a DAG that is outside the management role group scope in an Exchange Server 2010 environment

  • 2727802 (http://support.microsoft.com/kb/2727802/ )

Microsoft Exchange Replication service crashes intermittently when you try to move mailboxes from an Exchange Server 2003 server to an Exchange Server 2010 server

  • 2733415 (http://support.microsoft.com/kb/2733415/ )

Event ID 1 is logged on the Exchange Server 2010 Client Access server in a mixed Exchange Server 2010 and Exchange Server 2003 environment

  • 2733609 (http://support.microsoft.com/kb/2733609/ )

Email message and NDR message are not delivered if an email message contains unsupported character sets in an Exchange Server 2010 environment

  • 2743761 (http://support.microsoft.com/kb/2743761/ )

DAG loses quorum if a router or switch issue occurs in an Exchange Server 2010 environment

  • 2748766 (http://support.microsoft.com/kb/2748766/ )

Retention policy information does not show “expiration suspended” in Outlook Web App when the mailbox is set to retention hold in an Exchange Server 2010 environment

  • 2748767 (http://support.microsoft.com/kb/2748767/ )

You receive an NDR message that incorrectly contains recipients of successful message delivery in an Exchange Server 2010 environment

  • 2748879 (http://support.microsoft.com/kb/2748879/ )

You cannot access a mailbox by using an EWS application in an Exchange Server 2010 environment

  • 2749075 (http://support.microsoft.com/kb/2749075/ )

A copy of an archived item remains in the Recoverable Items folder of a primary mailbox in an Exchange Server 2010 environment

  • 2749593 (http://support.microsoft.com/kb/2749593/ )

Outlook logging file lists all the accepted and internal relay domains in the Exchange Server 2010 organization when you enable troubleshooting logging

  • 2750293 (http://support.microsoft.com/kb/2750293/ )

Items remain in the “Recoverable Items\Deletions” folder after the retention age limit is reached in an Exchange Server 2010 environment

  • 2750847 (http://support.microsoft.com/kb/2750847/ )

An Exchange Server 2010 user unexpectedly uses a public folder server that is located far away or on a slow network

  • 2763886 (http://support.microsoft.com/kb/2763886/ )

“The operation failed” error in the Outlook client when you open a saved message from the Drafts folder and then try to send it in an Exchange Server 2010 environment

There is some interesting discussion going on in the comments on the Exchange team’s post on this. Several users are calling the team to task on the issues with the original releases of RU4 and RU5 for Exchange 2010 SP2. While I am not sure that is the place, I have to acknowledge their points. Two RUs in a row that had to be pulled really drives home both the need to test, and the wisdom of waiting. Unfortunately, if everyone waits to deploy an RU, none of us will hear if there are any issues.

You can read the Exchange Team blog post here. And you can download the specific RUs from the following links.

Update Rollup 5-v2 for Exchange Server 2010 Service Pack 2

Update Rollup 8 for Exchange Server 2010 Service Pack 1

Update Rollup 9 for Exchange Server 2007 Service Pack 3

Remember that one of the best ways to keep your systems secure is to keep up to date on all security patches. MS12-080 is a critical update, and if a user receives a specially crafted message and views it in OWA, the exploit code will execute in the context of SYSTEM, not the user. This is not one to wait on. Test, and then deploy, at least this update as soon as possible.

Written by Casper Manes

I currently work as a Senior Messaging Consultant for one of the premier consulting firms in the world, I cut my teeth on Exchange 5.0, and have worked with every version of Microsoft’s awesome email package since then, as well as MHS, Sendmail, and MailEnable systems. I've written dozens of articles on behalf of my past employers, their partners, and others, and I finally decided to embrace blogging and social media, so please follow me on Twitter @caspermanes if you enjoy my posts.