Released: June 2018 Quarterly Exchange Updates
Published Jun 19 2018 08:15 AM 92.7K Views

The latest cumulative updates for Exchange Server 2016 and Exchange Server 2013 are now available on the download center. An update rollup for Exchange Server 2010 is also available. The updates released today include important changes to the pre-requisites required to install Exchange Server. The installation packages include fixes to customer reported issues, all previously reported security/quality issues and updated functionality.

Updated Pre-requisite requirements

.NET Framework 4.7.1

As announced previously, Exchange Server 2016 Cumulative Update 10 and Exchange Server 2013 Cumulative Update 21 require .NET Framework 4.7.1. Exchange Setup will enforce this requirement during cumulative update installation. Customers who are running an older version of .NET Framework will need to update their server to .NET Framework 4.7.1 then install the latest cumulative update.

VC++ 2013 runtime library is required

The Exchange Server updates released today require the VC++ 2013 runtime library installed on the server. The VC++ runtime library is required to provide current and future security updates for a third party component shipped with Exchange Server. The component provides WebReady Document Viewing in Exchange Server 2010 and 2013 and Data Loss Prevention in Exchange Server 2013 and 2016. Setup will enforce the installation of the pre-requisite on Exchange Server 2013 and 2016 when a cumulative update is applied. Exchange Server 2010 Update Rollup 22 and later will force the installation of the VC++ runtime before the update can be applied. Future security updates for all versions of Exchange Server will force installation of the runtime package if not already installed. Customers who use Windows Update to patch or update their servers, will need to ensure that the VC++ 2013 runtime package is applied before running Windows Update. Update Rollup 22 and future security updates for all versions of Exchange server will fail to install manually or via Windows Update if the runtime library is not installed. The packages released today include an updated version of the third party component to resolve the issues identified in Microsoft Advisory ADV180010. Customers are encouraged to apply the updates released today as soon as possible. The Exchange team has previously stated they will not ship security fixes in a cumulative update not previously released separate from a cumulative update. That goal and official plan of record are unchanged. Shipping the updated third party components in a cumulative update was necessary to integrate a new version of the components and a new product dependency not previously required by Exchange in a manner customers are accustomed to with minimal disruption to the Windows Update process.

Important Updates for Exchange Server 2010

Support for Windows Server 2016 Domain Controllers

Exchange Server 2010 Service Pack 3 Update Rollup 22 and later add support for Windows Server 2016 domain controllers. There are no restrictions to adding Windows Server 2016 domain controllers in forests where Exchange Server 2010 is deployed. Support for Active Directory Forest Functional Levels through Windows Server 2016 is included. Domain Controllers must be running Windows Server 2016 updates released through June 2018 to be supported. Customers are encouraged to remain current by applying monthly operating system quality updates.

Fix for Exchange Web Services Impersonation in Co-existent Environments

The issue identified in KB4295751 is now resolved in Update Rollup 22. Customers who have Exchange Server 2010 deployed in the same forest as Exchange Server 2016 are encouraged to deploy Update Rollup 22 to ensure that unauthorized access to mailboxes on Exchange Server 2010 does not occur.

Latest time zone updates

All of the packages released today include support for time zone updates published by Microsoft through May 2018.

Exchange Server 2013 Extended Support

Exchange Server 2013 entered extended support in April 2018. Cumulative Update 21 is the last planned quarterly update for Exchange Server 2013. Customers must upgrade to Cumulative Update 21 to continue to receive future security updates.

Release Details

KB articles that describe the fixes in each release are available as follows: The updates released today do not include new updates to Active Directory Schema. If upgrading from an older Exchange version or installing a new server, Active Directory updates may still be required. These updates will apply automatically during setup if the logged on user has the required permissions. If the Exchange Administrator lacks permissions to update Active Directory Schema, a Schema Admin must execute SETUP /PrepareSchema prior to the first Exchange Server installation or upgrade. The Exchange Administrator should execute SETUP /PrepareAD to ensure RBAC roles are current before applying either of the cumulative updates released today.

Additional Information

Microsoft recommends all customers test the deployment of any update in their lab environment to determine the proper installation process for your production environment. For information on extending the schema and configuring Active Directory, please review the appropriate TechNet documentation. Also, to prevent installation issues you should ensure that the Windows PowerShell Script Execution Policy is set to “Unrestricted” on the server being upgraded or installed. To verify the policy settings, run the Get-ExecutionPolicy cmdlet from PowerShell on the machine being upgraded. If the policies are NOT set to Unrestricted you should use the resolution steps in KB981474 to adjust the settings. Reminder: Customers in hybrid deployments where Exchange is deployed on-premises and in the cloud, or who are using Exchange Online Archiving (EOA) with their on-premises Exchange deployment are required to deploy the most current (e.g., 2013 CU21, 2016 CU10) or the prior (e.g., 2013 CU20, 2016 CU9) Cumulative Update release. For the latest information on Exchange Server and product announcements please see What's New in Exchange Server 2016 and Exchange Server 2016 Release Notes. You can also find updated information on Exchange Server 2013 in What’s New in Exchange Server 2013, Release Notes and product documentation available on TechNet.

Note: Documentation may not be fully available at the time this post is published.

The Exchange Team
23 Comments
Not applicable
Hi Exchange Team,

Our brand new Server-2016/Exchange-2016(CU9) has VC++ 2012 installed.

Do we install VC++ 2013 alongside the existing version, prior to installing CU10?

Also why not the more recent VC++ 2015 or VC++ 2017 versions?

Regards

Stephen

Not applicable
Thank you for the question Stephen. Our third party partner has indicated that this is the version required/supported to work with their product. We are inheriting this support requirement directly from them. The behavior of the runtime is that multiple versions can be installed side by side.
Not applicable
Hello guys,

Just a warning, the hyperlink to the .NET 4.7.1 is redirecting to 4.7 – which is not supported by Exchange. Regards, Denis Signorelli

Not applicable
Thank you for reporting this and sorry for the typo in the hyperlink. This has been resolved.
Not applicable
re: "Customers must upgrade to Cumulative Update 21 to continue to receive future security updates." ...does that mean security updates will no longer be provided for CU4/SP1?
Not applicable
@teammits - Yes, your interpretation of that comment is correct. During extended support only the latest cumulative update will receive security updates.
Not applicable
PS - it appears if you aren't logged in when posting a comment, like I did last week, there is no error message but it doesn't get received? Today when logged in, it immediately showed as "Your comment is awaiting moderation" after I posted.
Not applicable
A coworker found https://blogs.technet.microsoft.com/exchange/2018/04/10/exchange-server-2013-enters-extended-support-lifecycle-phase/ which says "After September 19th 2018, only Cumulative Update 21 or its successors will receive critical updates." So apparently there is a 3 month window to get to CU21.
Not applicable
@teamits: thank you for the hint with "must be logged in to post in the" comments - a few days ago I wonderd why my comment disapeard.

@MS: I think the CU Numbers at the reminder are wrong. The most current or prior CUs for exchange 2016 should be CU10 and CU9 instead of CU9 and CU8.

Not applicable
Fixed! :)
Not applicable
Hi,

I've installed the update and start to get errors (no object in "Microsoft Exchange System Objects" is created):

Object reference not set to an instance of an object.

+ CategoryInfo : NotSpecified: (:) [Enable-MailPublicFolder], NullReferenceException

+ FullyQualifiedErrorId : System.NullReferenceException,Microsoft.Exchange.Management.MapiTasks.EnableMailPublicFolder

+ PSComputerName :

Repetition of the cmdlet doesn't help.

When I start a new EMS session the cmdlet Enable-MailPublicFolder executes without error.

Best regards

Dmitry

Not applicable
Yesterday's "patch Tuesday" updates included .NET 4.7.2. However, looking at the supportability matrix, there's no row for .NET 4.7.2 and no column for Exchange 2016 CU 10. Can you clarify whether these are compatible?
Not applicable
Hi,

"Setup will enforce the installation of the pre-requisite on Exchange Server 2013 and 2016 when a cumulative update is applied."

Does the above mean, that the cu installs the pre-requisite automatically if they are missing?

Not applicable
One of our DR DAG members has had .NET Framework 4.7.2 installed in error. Is there a process for cleanly removing this and getting back to 4.7.1 without causing issues in Exchange? It doesn't appear to have any problems so far although it's only hosting passive and lagged copies at the moment.
Not applicable
Hoping someone can shed some light on our concern. Yesterday we installed rollup 22 on our Exchange 2010 spk 3 rollup 8. We did the prerequisite VC++. The rollup install appeared to go well and reached the Finished. Problem we are having is when we check on the Exchange version installed it still shows what we had before the rollup install. Shouldn't we now see it has rollup 22 installed?
Not applicable
what method are you using to check the version?

try: Get-ExchangeServer | ft name, admindisplayversion

Not applicable
Is it expected behavior that the Active Directory preparation commands will fail when running from a DC if .NET 4.7.1 is not installed on the DC? I don't see this as a requirement on the "Prepare Active Directory and domains" article. Please advise.
Not applicable
so what is the sequence of steps to update to cu21 from cu17? is it VC++ 2013 runtime then .NET 4.7.1 or the other way before cu21 or the other way?
Not applicable
We are on Exchange 15.0.847.32 (2013 SP1). Can we just run the executable for CU 21 or do we need to go in steps?

Thanks!

Not applicable
I upgraded from CU5 to CU20. no issues yet.

Put Each server (One at a time) in Maintenance mode. Install .Net 4.7.1. Extend AD Schema (Onetime only). Install the Update. bring server out of Maintenance mode. move to next server.

Not applicable
Hi Exchange Team, how can we Admins give you feedback about the product? Things like: Why i can`t filter for *MAPI* Attributes in get-casmailbox, but for all other services like owa, pop etc? Or Why i have the option in the eac for a mailbox to set the sendonbehalfto but not for a sharedmailbox?
Not applicable
Hello Exchange Team,

.

I have tried to install the CU21 in our Exchange 2013 (Two servers in DAG), but we had two problems. The first problem was about the installation of .net 4.7.1,(https://www.microsoft.com/en-US/download/details.aspx?id=56115) where we tried twice without success. After search a little, I found this link (https://somoit.net/windows/net-framework-4-7-1-install-stuck-hangs). After use this new package, it was possible to install the .NET version.

.

The second problem is about our UM. When we were in the upgrade process, we received an error message about the requisite to uninstall the pt-BR from UM to be possible to run the CU21. It was not possible to uninstall the pt-BR plugin in that moment, because we have a lot of users who use this feature, and we had not plan this new task.

.

Some questions:

Have you already have the experience to uninstall the UM package, install the CU21 and after that install again the UM package? Did you have any user impact executing this procedure? Do you have any tip about this scenario?

Thank you in advance.

Not applicable
I have a question about .NET

Are you able to uninstall the previous versions of .NET?

We have had Exchange 2013 since RTM and have many versions of .NET and would like to uninstall the older versions, however I am finding it difficult to get any on uninstalling the older versions, if it is safe to do so, is it just a simple uninstall.

We are currently on Exchange 2013 CU21 with .NET 4.7.2 which is lalatest supported version of .NET so have all of the previous versions still installed on this server.

Also are we able to uninstall older versions of VC++ or do we need to kep all versions installed?

Thanks in advance for your assistance.

PS: Thanks for this Blog it has been of great assistance over the years, and I have not had any issues with my upgrades by following the guidance you have provided.

Version history
Last update:
‎Jul 01 2019 04:33 PM
Updated by: