Last September Microsoft released their quarterly Cumulative Updates for Exchange, Exchange 2016 CU18 and Exchange 2019 CU7. This was quickly followed by a security update, KB4581424 that addresses the CVE-2020-16969 Microsoft Exchange Information Disclosure vulnerability.
Unfortunately, the Exchange 2016 CU18 and Exchange 2019 CU7 contain a nasty bug. If you use OWA, open a shared mailbox and try to access an attachment, OWA redirects to Office 365 instead of the on-premises Exchange 2016/2019 server to download it. This happens in an hybrid environment, but also in a pure on-premises Exchange deployment without any Office 365 connection.
Microsoft is aware of this issue and it will be fixed in the next Cumulative Updates for Exchange 2016 and Exchange 2019. Looking at the quarterly cadence this should be by the end of this year.
If you have a Microsoft Premier support contract and this is an issue that impacts your business you can open a support ticket and request a fix for this. This service is available for Premier support customers only.
This fix is a replacement for the KB4581424 security update, as such it contains all the fixes in KB4581424, plus the OWA Attachment hotfix. If you are a Premier support customer and do have this fix available, make sure that you uninstall the KB4581424 first before installing this update. One workaround that I’ve seen in a newsgroup is not to open the Shared Mailbox as “Open another mailbox” but as “Add shared folder”. This should work also, but I have not tested it. I do have a customer with a Premier support contract, I can confirm the problem is fixed in the interim update.
On September 15 Microsoft released two updates for their on-premises Exchange servers:
Exchange 2019 Cumulative Update 7
Exchange 2016 Cumulative Update 18
Note. This is the second-last Cumulative Update for Exchange 2016! As Microsoft has announced earlier, Exchange 2016 will be out of mainstream support this October. The last Cumulative Update is expected in December 2020.
Both updates contain security and nonsecurity updates, the recently released security update for Exchange 2016 and Exchange 2019 that addresses the CVE-2020-16875 vulnerability is also included in these CU’s.
Both updates also contain the latest Daylight Saving Time (DST) Updates.
In earlier posts it was mentioned that no changes in Active Directory are introduced, so there was no need to run Setup with the /PrepareAD and /PrepareDomain option. However, when you check the Microsoft documentation you’ll notice that AD and Domain versions are increased, so this time there is a need to run /PrepareAD and /PrepareDomain. If you run the /PrepareAD, make sure you have sufficient permission to execute this command (member of the Enterprise Admins Security Group).
The same is true when upgrading for Exchange 2016. you must run Setup.exe /PrepareSchema, Setup.exe /PrepareAD or Setup.exe /PrepareDomain.
Autodiscover EventID 1 can occur after installing Exchange 2019 CU3 or after installing Exchange 2016 CU14. I’ve blogged about this before on EventID 1 MSExchange Autodiscover. I am not sure if this still is the case 😉.
Exchange 2019 CU7 is only available on the Volume License Service Center (VLSC)
Microsoft has released its quarterly updates for Exchange:
Exchange 2016 CU17.
Exchange 2013 CU18.
It has been quiet around these updates, and they do not bring a whole lot of features.
Important to note is that the minimum Forest Functional Level (FFL) has been raised to Windows Server 2008 R2. Personally I think this is an indication that more exciting stuff is along the way, especially around Exchange 2016 (my personal expectation, don’t shoot the messenger :-))
There are schema changes in Exchange 2016 CU7, so when installing this update you have to execute the following commands:
When it comes to the .NET Framework, Microsoft is working on a new .NET Framework release (version 4.7.1). The upcoming quarterly update of December 2018 will support this version of the .NET Framework.
Some customers have an Active Directory domain in their DMZ (for management purposes) and the Exchange 2013 Edge Transport server can be a member of this domain as well.
Unfortunately starting with Exchange 2013 CU5 the Edge Transport server won’t install anymore when the server is a member of such a domain. Setup crashes with the following error message:
“Active Directory failed on localhost. This error is not retriable. Additional information: the parameter is incorrect.” And “Active Directory response: 00000057: LdapErr: DSID-0C090D8A, comment: Error in attribute conversion operation, data 0, v2580 —> System.DirectoryServices.Protocols.DirectoryOperationException: The requested attribute does not exist.”
At this moment (up to Exchange 2013 CU7) there’s no other workaround that to remove the Edge Transport server from the domain, install the Edge Transport server role (make sure you got the FQDN of the server correct!) and after installing rejoin the Active Directory domain. This works fine.
I noticed however that upgrading an Exchange 2013 CU6 Edge Transport server that’s domain joined to CU7 doesn’t hit this issue, there was no need to remove it from the domain before upgrading.
On Tuesday December 9, 2014 Microsoft released Exchange Server 2013 Cumulative Update 7 and the UM Language Packs for Cumulative Update 7, 105 days after the release of the previous CU6 update. This release is a little overdue because of a last minute issue that was found moments before the original release date of CU7. As long as it improves the quality of the release this shouldn’t be a problem though.