After emergency stop: Microsoft distributes corrected Exchange server updates
The Exchange update for the November patchday was faulty, Microsoft pulled the emergency brake. Corrected security updates are now available.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
Two weeks ago, a few days after the official November patch day, Microsoft identified errors in the security updates (SUs) for Exchange servers and stopped their distribution. Now the developers have corrected the errors. Microsoft has started distributing the new software update.
"The original version of these SUs (released on November 12, 2024) caused an issue with Exchange Server transport rules stopping after a certain time in some environments," the developers explain in a tech community post from Microsoft's Exchange team. They add: "The newly released SUs fix this issue".
Decision matrix with installation recommendations
A decision matrix is intended to help IT managers implement the recommended handling of version 2 of the November security update. Essentially, all entries lead to the installation of version 2; only in the event that the first update version was installed and the organization does not use any transport or DLP rules is waiting an option, as the affected servers will download and install the update themselves in December. In all other cases, admins are advised to install the new version of the security update.
Videos by heise
In the original announcement post, the developers have updated the links to the updates. Microsoft also writes that the new version includes two changes. On the one hand, it corrects the transport rule problems. On the other hand, it provides a more granular control of the "non-RFC-compliant P2-FROM header detection".
The Exchange team has also documented the first known problem with the new update version: exceptions can occur that affect time zones. This is noticeable when processing calendar-related information and files such as .ics or .ical attachments. They cannot be viewed or added to the calendar. OWA and Exchange Active Sync (EAS) clients on mobile devices are affected. Exchange transports can also be affected during mail processing. The cause is a duplicate time zone entry in an Exchange file; Microsoft explains in the support article how admins can correct the file to remedy the problem.
Microsoft had stopped distributing the November security updates for Exchange Server 2016 and 2019 because they had unexpected side effects. Transport rules were failing regularly. Those affected should uninstall the update so that the mail transport can continue to run undisturbed.
(dmk)
