Microsoft has once again been forced to withdraw a security patch released as part of its Patch Tuesday monthly update cycle, following the discovery that it breaks a key aspect of Exchange server functionality.
Designed for corporate communications, Microsoft Exchange Server offers email, calendaring and contact management for Windows Server platforms. As a result, it's often business-critical for corporations with a Microsoft-centric network - and a bug that puts its reliability into question is, naturally, extremely serious.
Which is why it's doubly embarrassing for Microsoft that an update designed to fix a major security hole which allows for arbitrary remote code execution,
MS13-061 2876063, has turned out to be almost as bad as the flaw it intended to fix. When installed, it transpires, the update breaks the content index for mailbox databases - causing mail searching to fail completely.
'
Late last night we became aware of an issue with MS13-061 security update for Exchange Server 2013. Specifically, after the installation of the security update, the Content Index for mailbox databases shows as Failed and the Microsoft Exchange Search Host Controller service is renamed,' Microsoft's Ross Smith IV admitted in a
blog post on the matter. '
If you have not installed MS13-061 security update on your Exchange 2013 servers, we recommend not proceeding with the update at this time.'
Although the update has now been pulled from the Windows Update system, those who uses WSUS or other patching services may still have the update cached and should manually mark it as not to be installed - although this will, unfortunately, leave the systems vulnerable to exploitation through the original vulnerability. For those who have already been caught by the buggy update, a
knowledge base article provides a workaround for the flaw.
This is not the first time Microsoft has been forced to withdraw an update in recent months: in July a security patch
broke WMV-based applications, in June another patch
caused CPUs to spin, and in April a kernel-mode driver patch
resulted in crashes and reboot cycles.
Want to comment? Please log in.