Microsoft Issues Exchange Server 2013 Update for Buggy Backups
Organizations that are leery of their Exchange backups can breathe a sigh of relief.
Microsoft released Exchange Server 2013 Cumulative Update 3 on Nov. 25, which addresses a problem in the way the email platform handles data restores. In an Exchange Team Blog post, the group drew attention to an important fix aimed at "customers who rely upon Backup and Recovery mechanisms to protect Exchange data."
In short, restoring Exchange 2013 (Standard and Enterprise) backup data was a hit-or-miss affair prior to the patch. "Cumulative Update 3 includes a fix for an issue which may randomly prevent a backup dataset taken from Exchange Server 2013 from restoring correctly," informed the company. The issue affected both Windows Server Backup and third-party products, according to a knowledge base article (KB2888315) describing the bug.
The update should provide a remedy for IT administrators that have encountered the following error messages:
"The Microsoft Exchange Replication service VSS Writer instance 'GUID' failed with error code 0x80070015 when preparing for a backup of database 'DatabaseName'.
"The Microsoft Exchange Replication service VSS Writer could not obtain the log file signature for database 'DatabaseName'. The msexchangerepl service may need to be restarted and the backup retried after all copies reach a stable mounted or healthy state."
Microsoft encourages customers who routinely use Exchange's Backup and Recovery functionality "to deploy Cumulative Update 3 and initiate backups of their data to ensure that data contained in backups may be restored correctly."
On the security front, the update shuts the door on three critical vulnerabilities that could potentially allow hackers to gain control of an affected Exchange server, or "Remote Code Execution" in the company's parlance.
In a security bulletin (MS13-061), Microsoft warned that the "vulnerabilities could allow remote code execution in the security context of the transcoding service on the Exchange server if a user previews a specially crafted file using Outlook Web App (OWA)." The bugs affected Exchange's WebReady Document and Data Loss Prevention software components. Affected editions include Exchange 2013, 2010 and 2007.
Bug fixes aside, Cumulative Update 3 contains "Exchange-related updates to Active Directory schema and configuration" along with "new enhancements and improvements to existing functionality," said the software maker. As per Microsoft, these include:
- Usability improvements when adding members to new and existing groups in the Exchange Administration Console
- Online RMS available for use by non-cloud based Exchange deployments
- Improved admin audit log experience
- Windows 8.1/IE11 no longer require the use of OWA Light
As for future updates, the company plans to release Exchange Server 2013 Cumulative Update 4 as Exchange Server 2013 Service Pack 1. Those customers waiting for the next batch of bug fixes and enhancements "should consider Service Pack 1 to be equivalent to Cumulative Update 4 and deploy as normal," advised Microsoft.