Exchange 2016/2013/2010 Updates March 2017

Today, the Exchange Team released the March updates for Exchange Server 2013 and 2016, as well as Exchange Server 2010 and 2007. The latter will receive its last update, as Exchange 2007 will reach end-of-life April 11, 2017.

As announced in December updates, Exchange 2013 CU16 and Exchange 2016 CU5 require .NET 4.6.2. The recommended upgrade paths:

  • If you are still on .NET 4.6.1, you can upgrade to .NET 4.6.2 prior of after installing the latest Cumulative Update.
  • If you are on .NET 4.52, upgrade to Exchange 2016 CU4 or Exchange 2013 CU15 if you are not already on that level, then upgrade to .NET 4.6.2, and finally upgrade to the the latest Cumulative Update.

The Cumulative Updates also include DST changes, which is also contained in the latest Rollups published for Exchange 2010 and 2007.

For a list of fixes in these updates, see below.

Exchange 2016 CU5

15.1.845.34

KB4012106

Download

UMLP

Exchange 2013 CU16

15.0.1293.2

KB4012112

Download

UMLP

Exchange 2010 SP3 Rollup 17

14.3.352.0

KB4011326

Download

 

Exchange 2007 SP3 Rollup 23

8.3.517.0

KB4011325

Download

 

Exchange 2016 CU5 fixes:

  • KB4015665 SyncDelivery logging folders and files are created in wrong location in Exchange Server 2016
  • KB4015664 A category name that has different case-sensitivity than an existing name is not created in Exchange Server 2016
  • KB4015663 “The message content has become corrupted” exception when email contains a UUE-encoded attachment in Exchange Server 2016
  • KB4015662 Deleted inline picture is displayed as attachment after you switch the message to plain text in Exchange Server 2016
  • KB4015213 Email is still sent to Inbox when the sender is deleted from the Trusted Contacts list in Exchange Server 2016
  • KB4013606 Search fails on Exchange Server 2016 or Exchange Server 2013
  • KB4012994 PostalAddressIndex element isn’t returning the correct value in Exchange Server 2016

Exchange 2013 CU16 fixes:

  • KB4013606 Search fails on Exchange Server 2016 or Exchange Server 2013

Notes:

Exchange 2016 CU5 doesn’t include schema changes, however, Exchange 2016 CU5 as well as Exchange 2013 CU16 may introduce RBAC changes in your environment. Where applicable, use setup /PrepareSchema to update the schema or /PrepareAD to apply RBAC changes, before deploying or updating Exchange servers. To verify this step has been performed, consult the Exchange schema overview.

When upgrading your Exchange 2013 or 2016 installation, don’t forget to put the server in maintenance mode when required. Do note that upgrading, before installing the Exchange binaries, setup will put the server in server-wide offline-mode.

Using Windows Management Framework (WMF)/PowerShell version 5 on anything earlier than Windows Server 2016 is not supported. Don’t install WMF5 on your Exchange servers running on Windows Server 2012 R2 or earlier.

When using Exchange hybrid deployments or Exchange Online Archiving (EOA), you are allowed to stay at least one version behind (n-1).

  • If you want to speed up the update process for systems without internet access, you can follow the procedure described here to disable publisher’s certificate revocation checking.
  • Cumulative Updates can be installed directly, i.e. no need to install RTM prior to installing Cumulative Updates.
  • Once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles.
  • The order of upgrading servers with Cumulative Updates is irrelevant.

Caution: As for any update, I recommend to thoroughly test updates in a test environment prior to implementing them in production. When you lack such facilities, hold out a few days and monitor the comments on the original publication or forums for any issues.

Source

Exchange 2007 reaches end of life on April 11

On April 11, 2017, Exchange Server 2007 will reach End of Life. If you haven’t already begun your migration from Exchange 2007 to Office 365 or Exchange 2016, you need to start planning now.

End of life means that Microsoft will no longer provide the following for Exchange 2007:

  • Free or paid assisted support (including custom support agreements)
  • Bug fixes for issues that are discovered and that may impact the stability and usability of the server
  • Security fixes for vulnerabilities that are discovered and that may make the server vulnerable to security breaches
  • Time zone updates

Your installation of Exchange 2007 will continue to run after this date. However, because of the changes listed above, we strongly recommend that you migrate from Exchange 2007 as soon as possible.

To learn about your options for migrating from Exchange 2007 to Office 365 or a newer version of Exchange Server, check out Exchange 2007 End of Life Roadmap.

Exchange Team has released Quarterly Exchange Updates

– A new Outlook on the web compose experience
– Support for .Net 4.6.2
– Change to Pre-Requisites installed by Setup
– Update on Windows Server 2016 support KB3206632
– Latest time zone updates
– Important Public Folder fix included in these releases

Exchange Server 2016 Cumulative Update 4 (KB3177106), Download, UM Lang Packs
Exchange Server 2013 Cumulative Update 15 (KB3197044), Download, UM Lang Packs
Exchange Server 2010 Service Pack 3 Update Rollup 16 (KB3184730), Download
Exchange Server 2007 Service Pack 3 Update Rollup 22 (KB3184712), Download

MS16-108: Security update for Exchange Server 2007/2010/2013/2016

Summary

This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow remote code execution in some Oracle Outside In Libraries that are built into Exchange Server. This issue might occur if an attacker sends an email message with a specially crafted attachment to a vulnerable Exchange Server computer. To learn more about this vulnerability, see Microsoft Security Bulletin MS16-108.

More information about this security update

The following articles contain more information about this security update as it relates to individual product versions.

  • 3184736 MS16-108: Description of the security update for Exchange Server 2016 and Exchange Server 2013: September 13, 2016
  • 3184728 MS16-108: Update Rollup 15 for Exchange Server 2010 Service Pack 3: September 13, 2016
  • 3184711 MS16-108: Update Rollup 21 for Exchange Server 2007 Service Pack 3: September 13, 2016

Exchange Sizing Calculator & Backup Configuration

I see a lot problems with to small log disks. Sizing Exchange is a very imported thing!! Today there a lot of problems with Thiry-Party Devices. They can create a lot of log files if you run a oudated Exchange Server. Transaction logs are truncated when backup software successfully backs up an Exchange server. The ‘Backup/Truncation Failure Tolerance’ field in the Backup Configuration section, allows a value to be set that specifies how much capacity will be available for logs in the event of backup failures or issues with Thirth party devices. The default value is 3 days. Change This!! This ensures that the server will continue to function and you have the ability to restore from transaction logs for x days, if the backup fails & and if some thirth party device give some trouble. Logs disk & backup should be monitored to ensure that they are successful.

Public Folder Move Script to Exchange 2013

Move Public Folder script from 2007/2010 to Exchange 2013 Script created by Ward Vissers www.wardvissers.nl

THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE RISK
OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE USER

Please Select the Choice You Want

Prepare for Migration (Legacy Exchange Server)
01) Take a snapshot of the original source folder structure
02) Take a snapshot of public folder statistics such as item count, size, and owner.
03) Take a snapshot of the permissions
04) Locate public folders that have a backslash in the name
05) Rename Public Folder
06) Checks the public folder migration status.
07) Set PublicFolderMigrationComplete to False

Check Exchange 2013
08) Get-PublicFolderMigrationRequest
09) Get-Mailbox -PublicFolder
10) Get-PublicFolder

Generate CSV Files and create Public Folder Mailboxes (Legacy Exchange Server)
11) Export-PublicFolderStatistics PFSizeMap.csv
12) PublicFolderToMailboxMapGenerator PFMailboxMap.csv

Create the public folder mailboxes on the Exchange 2013 server
13) Master Public Folder Name
14) Create Public Folder Mailboxen (Check PFMailboxMap.csv)

Migrating the Public Folders
15) BadItemLimit (Exchange 2007 Only)
16) Migrate Exchange 2010 public folders
17) To verify that the migration started successfully (AutoSuspend is Compleet)

Lock down the public folders on the legacy Exchange server for final migration (downtime required)
18) Lock the legacy public folders for finalization

Finalize the public folder migration (downtime required)
19) Finalize the public folder migration (downtime required)

Test and unlock the public folder migration
20) Add Public Folder to Test User
21) Unlock the public folders for all other users
22) Public Folder Migration Complete (Legacy Exchange Server)
23) Public Folders Enabled Local

Final Check
24) Take a snapshot of the original source folder structure.
25) Take a snapshot of the public folder statistics such as item count, size, and owner
26) Take a snapshot of the permissions

99) Exit

Download the script here: https://gallery.technet.microsoft.com/scriptcenter/Public-Folder-Move-Script-49126418

Security update available for Exchange 2007, 2010 and 2013

Microsoft has released a fix for Outlook Web App in all supported versions of Exchange.
In all cases, it comes to security issues that have been designated as Important.

Four security updates are also those offered by Microsoft Update, but here are the manually download links:

Rollup 15 for Exchange Server 2007 Service Pack 3
Rollup 8 for Exchange 2010 SP3
Security Update For Exchange Server 2013 SP1 (KB3011140)
Security Update For Exchange Server 2013 CU6 (KB3011140)
Cumulative Update 7 for Exchange Server 2013 (Provided not with Windows Update)

Versions that are not listed here are no longer supported or are not vulnerable. For more information read the security bulletin MS14-075: Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3,009,712)

Cumulative Update 7 for Exchange Server 2013

Today, Cumulative Update 7 for Exchange Server 2013 was released by the Exchange Team (KB2986485). This update raises Exchange 2013 version number to 15.0.1044.22.

Note: Customers that run backups of their Exchange databases are advised to upgrade to CU7 and perform a post-upgrade full backup. This is due to a race condition which could prevent proper restoration of pre-CU7 Exchange databases.

Notes:

  • When using Exchange hybrid deployments or Exchange Online Archiving (EOA), you are required to stay current.
  • CU7 adds support for hierarchies containing 250,000 modern public folders. Consult this article for co-existence scenarios.
  • Be advised of OAB architectural changes introduced with CU5 which are documented here. If you are affected, it is recommended to update CAS servers prior to Mailbox servers.
  • If you have installed the Interim Update to fix Hybrid Configuration Wizard, you can install the Cumulative Update over it – there is no need to uninstall the IU prior to installing CU6.

This Cumulative Update includes schema and AD changes, so make sure you run PrepareSchema / PrepareAD. After updating, the schema version will be 15965.

Note that Cumulative Updates can be installed directly, i.e. no need to install RTM or Service Packs prior to installing Cumulative Updates. Note that once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles. The order of upgrading servers is irrelevant, unlike with previous generations of Exchange.

Finally, for any Hotfix, Rollup, Service Pack or Cumulative Update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production.

You can download Exchange 2013 Cumulative Update 7 here; UM Language Packs can be found here.

This update resolves security issues that are described in December 2014 security update for Exchange Server 2013 Service Pack 1 and Cumulative Update 6.
Additionally, this update also resolves the issues that are described in the following Microsoft Knowledge Base (KB) articles:

  • 3004235 Exchange Server meetings in Russian time zones as well as names of time zones are incorrect after October 26, 2014

  • 3012655 New-MailboxImportRequest causes unreadable characters when you import an ANSI format .pst file of Russian language

  • 3012652 CalendarProcessing cmdlet does not generate delegate permissions to universal security groups in Exchange Server 2013

  • 3009631 Advanced Find against the Sent Items folder in Outlook returns no result in Exchange Server 2013

  • 3009612 Outlook Web App shows organization details on the contact card beyond the scope of user ABP in Exchange Server 2013

  • 3009291 Shared mailbox cannot be opened in Outlook in an Exchange Server 2013 environment that has multiple domains

  • 3008453 Cannot edit or delete forms from the organizational forms library in Exchange Server 2013

  • 3008438 User who is trying to Log on to Exchange Admin Console is logged in to OWA instead

  • 3006672 Move request fails if the IsExcludedFromProvisioning option is true in Exchange Server 2013

  • 3005391 Exchange Server 2013 Cumulative Update 5 breaks free|busy lookup from Exchange Online to Exchange Server 2007

  • 3003986 RejectMessageReasonText in transport rule appears in the user section of a DSN in Exchange Server 2013

  • 3001217 TLS 1.0 is hardcoded for SMTP traffic encryption in Exchange Server 2013

  • 3001037 Distribution group cannot send email messages to a mail enabled public folder in an Exchange Server 2013 environment

  • 2999031 A cross-forest mailbox move from Exchange Server 2007 to Exchange Server 2013 finishes with CompletedWithWarnings status

  • 2998144 New-MoveRequest cmdlet with RemoteLegacy parameter cannot perform a cross-forest mailbox move

  • 2988553 Add-ADPermission and Remove-ADPermission can be run outside the management scope in Exchange Server 2013

  • 2981538 Exchange Control Panel crashes when you proxy from Exchange 2013 to Exchange 2010

  • 3014051 Cannot migrate mailboxes in a multiple domains environment in Exchange Server 2013

  • 3012986 ContentIndexRetryQueueSize value for a passive node never drops to zero in Exchange Server 2013 Cumulative Update 6

  • 3004011 Sound alerts do not work in Outlook Web App when new email or calendar notification is received in Exchange Server 2013

  • 3003580 Event ID 4999 and 4401 when the Microsoft Exchange Replication service crashes in Exchange Server 2013

  • 3003518 “550 5.7.1” NDR when you send messages to external recipients in an Exchange Server 2013 hybrid environment

  • 3003068 Cannot see online archive mailbox after you upgrade to Exchange Server 2013 Cumulative Update 6

  • 3000944 Subfolders under the Deleted Items folder are not visible in Outlook in an Exchange Server 2013 environment

  • 2997847 You cannot route ActiveSync traffic to Exchange 2007 mailboxes after you upgrade to Exchange 2013 CU6

  • 2997355 Exchange Online mailboxes cannot be managed by using EAC after you deploy Exchange Server 2013 CU6

  • 2997209 Exchange Server 2013 databases unexpectedly fail over in a co-existence environment with Exchange Server 2007

  • 2995263 OAB cannot be rebuilt if the .flt file is larger than two GB in Exchange Server 2013

  • 2994216 PublicFolderMoveRequest deletes all read or unread state in target mailbox for each user in Exchange Server 2013

  • 2993871 Resource Booking Assistant crashes after you upgrade to Exchange Server 2013 Cumulative Update 5

  • 2983216 Category setting on an item in Outlook jumps the selection to the top of the list in an Exchange Server 2013 environment

  • 2931223 MAPI virtual directory is missing from Default Web Site node

Rollup 15 for Exchange Server 2007 SP3

Exchange Team released Update Rollup 15 for Exchange Server 2007 SP3

Update Rollup 15 for Exchange Server 2007 SP3 resolves security issues that are described in December 2014 security update for Exchange Server 2007 and Exchange Server 2010.
Additionally, this update resolves the issues that are described in the following Microsoft Knowledge Base (KB) articles:

  • 3004235 Exchange Server meetings in Russian time zones as well as names of time zones are incorrect after October 26, 2014

  • 3008308 Public folder database migration issue in a mixed Exchange Server environment

Download the Exchange2007-KB2996150 package now.