Exchange sustained engineering has released Exchange 2007 SP3 RU10 to the Microsoft download centre as update 2788321.
For the astute of you out there, you will notice that this is on the second Tuesday of February which makes it Patch Tuesday. It also happens to be Shrove Tuesday as well by happy coincidence so I’m having pancakes for dinner, but I think I’m digressing…..
Since it is Patch Tuesday, does that mean that there are security issues that are resolved in this update? Yup! In terms of the security vulnerabilities resolved, they are CVE-2013-0393 and CVE-2013-0418 as discussed in the Oracle Critical Patch Update Advisory – January 2013. Microsoft has classified one of these issues as critical and the other as important
In short, Exchange 2007 SP3 RU10 will update these three areas:
- The vulnerabilities that are described in Microsoft Security Bulletin MS13-012.
- 2783779 A hidden user is still displayed in the Organization information of Address Book in OWA in an Exchange Server 2007 environment
- Latest daylight saving time (DST) updates for Exchange Server 2007
As always please ensure that you test and validate the update in a lab prior to placing into production.
Just in case you may be wondering why this update is for Exchange 2007 SP3, and not SP1 or SP2 it is because those versions are no longer supported.