by Michael Bianchi, Senior Systems Engineer
On December 19th, Microsoft released cumulative updates for Exchange 2013 and 2016 along with a security update for Exchange 2010, addressing a concerns for deployments containing 2016 and 2010 servers in coexistence.
Exchange customers transitioning from 2010 to 2016 are strongly advised to apply Exchange 2010 Service Pack 3 Rollup 19 to avoid a condition which could allow Exchange Web Services (EWS) requests from 2016 servers to 2010 mailboxes to proceed with unauthorized access.
Exchange 2016 Cumulative Update 8 and Exchange 2013 Cumulative Update 19 were also released in this patch cycle.
- Cumulative updates will no longer overwrite TLS settings. Recommend settings will only be applied to new installations.
- .Net Framework 4.7.1 is now supported. This will be a requirement for the June 2018 quarterly updates. Upgrade to 4.7.1 after this patch cycle and before June of this year.
- Exchange 2013 and 2016 now support Hybrid Modern Authentication. Hybrid Office 365 deployments will allow for on-premise token based authentication for users that exist in Azure Active Directory.
No schema updates have been implemented since the September 2017 quarterly updates. If you are patching from an older CU, some schema updates may be necessary. Always check the release notes for interim CUs, if there is a concern about schema updates.
When patching a server, always ensure that script execution policy is set to unrestricted before installing: https://technet.microsoft.com/en-us/library/ee176961.aspx
Be aware that support is offered only to the most current and previous cumulative update. As of this writing, that includes Exchange 2013 CUs 18 and 19 as well as Exchange 2016 CUs 7 and 8.
Please contact Helient if you require any assistance with your Microsoft Exchange on-premises, cloud or hybrid infrastructure.