Today the Exchange CXP team released the following update rollups to the Download Center. All three releases cover Security Bulletin MS12-080. Because this is a security release, the updates will...
Updated Jul 01, 2019
Version 2.0
Blog Post
1 MIN READ
Released: Update Rollup 5 v2 for Exchange 2010 SP2, Exchange 2010 SP1 RU8 and Exchange 2007 SP3 RU9
I for one find the product teams decision to fix security vulnerabilities only in Update Rollups completely unacceptable and at odds with many other products in the Microsoft product line. A security vulerability should be addressed by a small hotfix that addresses the vulnerability rather than part of a much wider rollup which includes additional functionallity and a much braoder change to the code base. For those in coprorate environments testing a large rollup is at odds with security patching.
The number of re-issues for rollups in the last year or so also reinforces the need not to be an early adopter and effectively test updates which is at odds with covering an exploit.
I wish you would review this methodology.
Paul