Exchange 2013 CU9 – what you need to know

Exchange 2013 admins should be pleased to know that the latest cumulative update for Exchange 2013, CU9, has been released. Made available on June 16, admins can download this CU from http://www.microsoft.com/downloads/details.aspx?FamilyID=2a53a863-4cc8-46df-8e9d-04ef87b5439d.

Weighing in at 1.6 GB, this can be used to update existing Exchange 2013 installs or used to deploy a new server from scratch. Here’s the highlights of this latest CU.

It’s called a cumulative update, because it is!

Remember that you can use a CU to update any earlier version of Exchange 2013… they are cumulative. You can take a base install of 2013 RTM and update it with this, or you can update any Exchange 2013 server running any CU.

Even so, don’t take that to mean you can skip CUs

Please remember that CUs are patches, and include both bug fixes and security updates. Just because you can update a server from RTM to CU9, don’t take that to mean it’s cool to skip CUs. Ideally, you should be at N, or at worst, N-1. This will keep you in supported territory, and it also means you aren’t running code that may have publicly known and actively exploited vulnerabilities!

If you’re on CU8, you really want this CU!

CU8 and SP1 both have a security vulnerability, listed as MS15-064, which can lead to an escalation of privilege. CU9 resolves this, so while N-1 may be supported, N is the place to be.

Yes, you will have to reboot

Sorry to those of you who like to try to do stuff during the day. Unless you have full redundancy and DAGs and you want to fail users over to another server, you will be deploying this CU after hours since a reboot is required. Of course, if your Exchange server reboots faster than users’ workstations… no, better not try that one!

Will I need to update my schema?

If you are already running CU6 or earlier, then yes. If you already updated your schema when you deployed CU7 or CU8 then you are good to go!

Test before you deploy

A CU cannot be uninstalled. Attempting to do so removes Exchange from the server, so as with every patch and update, you should test this in the lab before you deploy it in production!

Installation order

Look at deploying this CU like any other update to Exchange. Start at the edge and work your way back in, so you will patch Edge Transport first, then CAS, then Mailbox servers.

There are 24 other fixes in this CU

Here’s the full list, along with links to KB articles, on what is fixed in CU9 other than MS15-064.

Additionally, this update resolves the issues that are described in the following Microsoft Knowledge Base articles:

• KB 2983216 Category setting on an item in Outlook jumps the selection to the top of the list in an Exchange Server 2013 environment
• KB 2988660 Role assignment with custom write scope fails in an Exchange Server 2013 environment
• KB 3003978 Email messages are displayed with incorrect format in Outlook in an Exchange Server 2013 environment
• KB 3006849 GSSAPI-based Kerberos authentication protocol is not offered to IMAP clients in Exchange Server 2013
• KB 3009631 Advanced Find against the Sent Items folder in Outlook returns no result in Exchange Server 2013
• KB 3032153 Recurring events in Calendar over DST are not adjusted on all ActiveSync devices in all Exchange Server environments
• KB 3040681 MapiExceptionTimeout error during a hierarchy synchronization process of multiple public folders in Exchange Server 2013
• KB 3040683 System WLM overrides do not work when you do on-premises installations in Exchange Server 2013
• KB 3049081 OwaDeepTestProbe probe fails intermittently on a server that installs the Mailbox server role in Exchange Server 2013
• KB 3049771 Outlook Web App logon page takes longer time than expected to time out in an Exchange Server 2013 environment
• KB 3050825 EdgeTransport.exe starts to crash when PriorityQueuingEnabled is set to “True” in Exchange Server 2013
• KB 3050877 Emails that are sent as a secondary mailbox are not saved in the delegate’s Sent Items folder in Exchange Server 2013
• KB 3055940 “Object reference not set to an instance” error when you install cumulative update in Exchange Server 2013
• KB 3056045 “Cannot find Template User object” error when you find contacts that use a consumer domain in Exchange Server 2013
• KB 3056133 Exchange Server 2013 Activation time of transport rule is not displayed in UTC time
• KB 3056413 SMTP connection fails when you log on with a child domain account and use NTLM authentication in Exchange Server 2013
• KB 3056817 Update adds the Let me select the message option in Outlook Web App in an Exchange Server 2013 environment
• KB 3056822 Dynamics CRM 2013 stops synchronizing items from mailbox in an Exchange Server 2013 environment
• KB 3060825 The MSExchangeDelivery service crashes when you receive an email message from a specific sender in Exchange Server 2013
• KB 3064393 “Bad Command. 12” error and IMAP CAPABILITY commands are not offered in an Exchange Server 2013 co-existence environment
• KB 3068681 RPC encryption requirement is re-enabled for RPC Client Access Service after you upgrade server in Exchange Server 2013
• KB 3069060 Recurring meetings are accepted when their time conflicts on the same room mailbox in Exchange Server 2013
• KB 3069501 Duplicate folders are created after a mailbox move in Exchange Server 2013 Enterprise
• KB 3071427 Outlook Web App still downloads web beacon contents when you forward email messages in Exchange Server 2013

Once again, don’t forget to first test before you deploy. After that, submit your change requests and get approval, perform full backups, and most importantly, plan to get all of your servers on the same CU as quickly as you can. While it is supported to be on different CUs between different roles, as long as you are no further back than N-1, best practices are to keep all your Exchange servers on the same version. So, get to testing, and then get to patching. Have fun!