News

Microsoft Releases Exchange Server Updates

• By Kurt Mackie
• 12/15/2016

Microsoft released a large batch of updates for all supported versions of Exchange Server.

The updates include both cumulative updates (CUs) and update rollups (RU) in accordance with Microsoft's update scheme for Exchange Server. The cumulative updates released this week were CU4 for Exchange 2016 and CU15 for Exchange 2013. The update rollups released this week were RU16 for Exchange 2010 Service Pack 3 and RU22 for Exchange Server 2007 SP3.

The difference between a CU and an RU seems to be that the RU is an update that also includes security patches, whereas the CUs are full server builds where the security updates get released separately. The Exchange team had explained this notion back in a 2013 blog post. In essence, Exchange 2016 and Exchange 2013 follow the CU model (getting security patches separately), while Exchange 2010 and Exchange 2007 follow the RU model (with security patches included).

Microsoft uses the term, "customer rollup update" (RU), interchangeably with "update rollup" (UR), which presumably explains the strange RU abbreviation use. Maybe this nomenclature will start to change on the Exchange Server side. It's already somewhat different on the Windows client side, which follows a so-called "monthly rollup" model. Microsoft defines its update terms at this page.

Microsoft is now using more helpful cumulative update file names for its newer Exchange Server updates. For instance, CU4 for Exchange Server 2016 is called "ExchangeServer2016-x64-CU4.iso."

Exchange 2016 CU4
The big deal with the previous CU3 release (released back in September), was that it finally permitted Exchange 2016 to run on Windows Server 2016. It turns out that there was a flaw, though, since database availability groups (DAG) had to be paused for the install to work. That issue was fixed with security update KB3206632, which is now required to be in place before Exchange 2016 will install on Windows Server 2016, according to an explanation by Rhoderick Milne, a senior premier field engineer at Microsoft.

CU4 is also important because it fixes a public folders indexing issue that appeared with the release of Exchange 2016 CU3 and Exchange 2013 CU14, as described in Knowledge Base article KB3202691.

Milne also plugged CU4's support for using .NET Framework 4.6.2 with Exchange 2016. The use of .NET Framework 4.6.2 soon will become a requirement for running Exchange 2016.

"CU4 supports .NET framework 4.6.2 -- while this is an optional upgrade at this time, it makes sense to plan the .NET upgrade as it will become a required pre-requisite for the next CU," Milne stated.

Microsoft's Exchange Server product dependencies with .NET Framework releases are shown in this table.

More details about the CU4 changes for Exchange Server 2016 are described in Knowledge Base article KB3177106.

Exchange 2013 CU15
CU15 for Exchange 2013 is noteworthy for addressing the public folder indexing problem described in Knowledge Base article KB3202691. Milne also noted that "CU15 supports .NET framework 4.6.2," which will be a requirement to install the next cumulative update.

The specific fixes in CU15 for Exchange 2013 are described in Knowledge Base article KB3197044.

Exchange 2010 SP3 RU16
RU16 mostly delivers daylight-saving time updates in Exchange Server 2010 SP3, along with security fixes. Milne heavily recommended using a test lab before going into production with this release. He listed 12 caveats in "important notes" in his blog post.

Microsoft's Knowledge Base article for RU16 for Exchange 2010 SP3 is KB3184730. It mostly contains additional caveats on top of Milne's.

Exchange 2007 SP3 RU22
RU22 is mostly delivering daylight-saving time updates to Exchange 2007 SP3. At press time, Milne hadn't posted any specific details about this update. Microsoft's Knowledge Base article description for it is KB3184712.

Exchange Server 2007 SP3 will fall out of "mainstream support" in April of next year. It'll be deemed "unsupported" at that time. That means it will not be getting any further product updates, including security fixes.