Quarterly updates for Exchange are out – Q2 2016

Just in time for summer holidays, BBQs, and fireworks, Microsoft has released the latest series of Cumulative Updates for Exchange 2016 and 2013, as well as Update Rollups for Exchange 2010 and 2007. If you’re like me, and are looking forward to taking some time off soon, you may want to get these applied before you start your holiday. Here’s what you need to know.

Exchange 2016 CU 2

For starters, this will require an update to your Active Directory schema, so plan accordingly. You will need to run setup with both /prepareschema and /preparead switches.

Hooray! We can all finally update our .NET Framework, as this CU supports .NET 4.6.1. You want to patch Exchange, and the underlying operating system, before you apply the .NET update. Use this link to get Cumulative Update 2 for Exchange Server 2016 (KB3135742) and then apply it as normal; Edge, then CAS, then Mailbox roles. Then patch your operating system with the appropriate update as follows-

• Windows Server 2008/2008R2 – KB3146716
• Windows Server 2012 – KB3146714
• Windows Server 2012R2 – KB3146715

Then you can apply the update to the .NET Framework from here.

CU2 also updates Exchange with the latest global changes to Daylight Saving Time, and addresses issues with Exchange 2016 CU1, including the following.

• KB 3160339 MS16-079: Security update for Microsoft Exchange: June 14, 2016
• KB 3134844 Cumulative Update 1 for Exchange Server 2016
• KB 3171162 You cannot search emails in Outlook or Outlook Web App in an Exchange Server 2016 Cumulative Update 1 environment
• KB 3164346 Cannot connect to a mailbox when MAPI over HTTP protocol is used in an on-premises Exchange Server 2016 installation
• KB 3163039 Email message body is garbled when Simplified Chinese characters are included on BCC line in an Exchange Server environment
• KB 3162968 “Failed to load script” error when you log on to OWA and select a language
• KB 3161916 Data loss may occur during public folder migration to Exchange 2013, Exchange 2016, or Exchange Online
• KB 3126723 Retention policy doesn’t work on the In-Place Archive mailbox in Exchange Server

This CU also introduces support for SHA-2 self-signed certificates, though you really should always and only use certificates from a third-party CA to minimize client challenges, and resolves an issue when migrating Public Folders. Office 365 customers should always be on the latest CU, but if you are not and have Public Folder migration in your future, note that a risk of dataloss occurs if you are not on at least this CU.

Remember too that this is the full Exchange 2016 install with CU2, so use this download to replace any media you are using to build new servers.

Exchange 2013 CU 13

Exchange 2013 CU13 does not update the schema, but does revise RBAC roles, so while you won’t need to /prepareschema you will need to /preparead when first running setup.

This too brings the ability to update the .NET Framework. As with Exchange 2016 CU2, you want to patch Exchange, and the underlying operating system, before you apply the .NET update. Use this link to get Exchange Server 2013 Cumulative Update 13 and then apply it as normal; Edge, then CAS, then Transport, then Mailbox roles. Then patch your operating system with the appropriate update as follows-

• Windows Server 2008/2008R2 – KB3146716
• Windows Server 2012 – KB3146714
• Windows Server 2012R2 – KB3146715

Then you can apply the update to the .NET Framework from here.

Exchange 2013 CU 13 also contains DST updates, and addresses the following additional issues-

• MS16-079: Security update for Microsoft Exchange: June 14, 2016

• KB 3164701 Can’t create a new send connector in Exchange Control Panel in Exchange Server 2013
• KB 3164700 Write scope in EAC on a role group reverts to default scope in Exchange Server 2013
• KB 3164359 Stop error and restart triggered by ServerOneCopyInternalMonitorForceReboot responder in Exchange Server 2013
• KB 3163186 “Repair update” message after you send a meeting invitation to a distribution list in Exchange Server 2013
• KB 3163173 NDR after you accept or decline a meeting request in Exchange 2013
• KB 3163039 Email message body is garbled when Simplified Chinese characters are included on BCC line in an Exchange Server environment
• KB 3162964 Items are held unnecessarily in the DiscoveryHold folder in Exchange Server 2013
• KB 3162957 “Invalid search filter” error when you use the “UM Mailbox Policy” filter in Exchange Server 2013
• KB 3162934 Test-ExchangeSearch cmdlet fails without parameters or with the -MailboxDatabase parameter in Exchange Server 2013
• KB 3162933 Outlook client remains disconnected after the mailbox is migrated to Exchange Server 2013
• KB 3162772 Accepted or declined messages for a forwarded meeting are sent to the forwarder in Exchange Server 2013
• KB 3161916 Data loss may occur during public folder migration to Exchange 2013, Exchange 2016, or Exchange Online
• KB 3160935 Public folder forwarding rule doesn’t work after migration to Exchange Server 2013
• KB 3150799 IMAP with NTLM fails if a user’s UPN and primary SMTP address don’t match in Exchange Server 2013
• KB 3150036 The EdgeTransport process crashes on an Exchange Server 2013 server that has the Edge Server role installed
• KB 3149767 “System.FormatException” error is logged in Event Viewer when Exchange Server 2013 runs on a French operating system
• KB 3142157 Exchange Server Health Management Worker process restarts frequently in Exchange Server 2013
• KB 3140102 OWA application pool crashes with KeyNotFound exception in Exchange Server 2013
• KB 3129946 Update to support the AutoReseed feature in a DAG environment that’s BitLocker-enabled in Exchange Server 2013
• KB 3126723 Retention policy doesn’t work on the In-Place Archive mailbox in Exchange Server
• KB 2661294 Email address policy doesn’t generate addresses of recipients in Exchange Server 2010 or Exchange Server 2013

And just as with Exchange 2016, use this download as the source for any additional Exchange 2013 servers you may build, as it is both an update to existing and full install media for new servers.

Exchange 2010 RU 14

Before we go any further, remember that Exchange 2010 is now in Extended Support. If you aren’t already starting to plan for its eventual retirement from your organization, it’s time you start. Since 2010 is in Extended Support, RU 14 will only add security updates since the last RU since there will be no more bug fixes or feature adds/improvements/updates. You can download it by clicking this link-Update Rollup 14 for Exchange Server 2010 Service Pack 3 (KB3151097).

Exchange 2007 RU 20

In case you missed it, Exchange 2007 has less than a year to go before it hits End of Life. By now you should be well on your way to retiring it from your environment. But if you still have it in the field, then RU20 should be applied to all of your 2007 servers, as it too contains security fixes. Download and apply Update Rollup 20 for Exchange Server 2007 Service Pack 3 (KB3151086) which resolves the security issue detailed in MS16-079.

As with all patching, test these in your lab before applying them in production to assure you don’t have any issues with third-party plugins, custom configurations, or anything else. But do apply them, as security updates are included in all four, and you want to keep in a supported state! With less than a year to go on 2007, and 2010 with less than four years, it’s definitely time to start looking at 2013 or 2016 if you haven’t already! Don’t wait until the last month to do this, as anything you look to do is going to take longer than that to complete.