The Exchange team today announced the availability of Update Rollup 8 for Exchange Server 2010 Service Pack 3. RU8 is the latest rollup of customer fixes available for Exchange Server 2010. The release contains fixes for customer reported issues and previously released security bulletins. In addition to addressing previous security issues, Exchange 2010 SP3 RU8 also corrects the security issue MS14-075. For Exchange 2010 this is also discussed in Outlook Web App Token Spoofing Vulnerability - CVE-2014-6319.
Update 12-12-2014: Exchange Server 2010 SP3 Update Rollup 8 has been re-released to the Microsoft download centre resolving a regression discovered in the initial release. The updated RU8 package corrects the issue which impacted users connecting to Exchange from Outlook. The issue was isolated to the MAPI RPC layer and was quickly remediated to deliver the updated RU8 package. The updated RU8 v2 package is version number 14.03.0224.002.
Update 10-12-2014: Please see comments at the end of this post with an issue relating to RPC Client Access. There is a TechNet forum where the community is discussing this issue. In the RPC Client Access the forum post notes that the following can be observed: “Log Watson: [IndexOutOfRangeException] Index was outside the bounds of the array”.
Update 10-12-2014: Exchange 2010 SP3 RU8 has been removed from the download centre until the above issue has been resolved.
This is build 14.03.0224.002 of Exchange 2010 (14.03.0224.001 was the initial SP3 RU8 build) , and KB2986475 has the full details for the release. The update file name is Exchange2010-KB2986475-x64-en.msp.
Note that this is only for the Service Pack 3 branch of Exchange 2010. Why? Exchange 2010 SP2 exited out of support on the 8th of April 2014 and will no longer receive updates.
Updates Of Particular Note
- This RU addresses security issues noted in bulletin MS14-075.
- 3009132 Hybrid mailbox moves to on-premises environment but finishes with CompletedWithWarnings status
- 3008308 Public folder database migration issue in a mixed Exchange Server environment
- 3007794 Hub Transport server cannot deliver messages when a database fails over to a cross-site DAG in Exchange Server 2010
Issues Resolved
- 3004235 Exchange Server meetings in Russian time zones as well as names of time zones are incorrect after October 26, 2014
- 3009132 Hybrid mailbox moves to on-premises environment but finishes with CompletedWithWarnings status
- 3008999 IRM restrictions are applied to incorrectly formatted .docx, .pptx, or .xlsx files in an Exchange Server 2010 environment
- 3008370 Group members are not sorted by display name when HAB is used with OAB in Exchange Server 2010
- 3008308 Public folder database migration issue in a mixed Exchange Server environment
- 3007794 Hub Transport server cannot deliver messages when a database fails over to a cross-site DAG in Exchange Server 2010
- 3004521 An Exchange server loses its connection to domain controllers if a public folder server is down in Exchange Server 2010
- 2999016 Unreadable characters when you import ANSI .pst files of Russian language by using the New-MailboxImportRequest cmdlet
- 2995148 Changing distribution group takes a long time in an Exchange Server 2010 environment
- 2992692 Retention policy is not applied to Information Rights Management protected voice mail messages in Exchange Server 2010
- 2987982 Issues caused by ANSI mode in Exchange Server 2010
- 2987104 Email message is sent by using the "Send As" instead of "Send on Behalf" permission in Exchange Server 2010
- 2982017 Incorrect voice mail message duration in Exchange Server 2013 and Exchange Server 2010
- 2977279 You cannot disable journaling for protected voice mail in Exchange Server 2013 and Exchange Server 2010
Important Notes
Now, before we rush off to download and install this there are a couple of items to mention!
- Test the update in your lab before installing in production. If in doubt test…
- If the Exchange server does not have Internet connectivity then this introduces significant delay in building the Native images for the .Net assemblies as the server is unable to get to http://crl.microsoft.com. To resolve this issue, follow these steps:
- On the Tools menu in Windows Internet Explorer, click Internet Options, and then click the Advanced tab.
- In the Security section, click to clear the Check for publisher's certificate revocation check box, and then click OK.
We recommend that you clear this security option in Internet Explorer only if the computer is in a tightly controlled environment. When setup is complete, click to select the Check for publisher’s certificate revocation check box again.
- Update Internet facing CAS servers first
- Backup any OWA customisations as they will be removed
- Test (yes technically this is in here for a second time but it is important!)
Cheers,
Rhoderick