Released: September 2016 Quarterly Exchange Updates

Today Microsoft is announcing the latest set of Cumulative Updates for Exchange Server 2016 and Exchange Server 2013. YES, Even if you are at Office 365, but still have Hybrid Mode, you NEED to install it on your Exchange servers that are deployed On-Premises!

These releases include fixes to customer reported issues and updated functionality.

These releases include fixes to customer reported issues and updated functionality. Exchange Server 2016 Cumulative Update 3 and Exchange Server 2013 Cumulative Update 14 are available on the Microsoft Download Center.

Windows Server 2016 Support

Windows Server 2016 support is now available with Exchange Server 2016 Cumulative Update 3. Customers looking to deploy Windows Server 2016 in their Exchange environments require Exchange Server 2016 Cumulative Update 3 or later. Domain Controllers running Windows Server 2016 are supported provided Forest Functional Level is Windows Server 2008R2 or later. Exchange does not currently support any new functionality provided by the updated operating system except for improved restart support in the Windows Installer. Installing Exchange on Windows Server 2016 provides a seamless installation experience including prerequisites. Exchange Server 2013 will not be supported on Windows Server 2016.

Windows Defender is on by default in Windows Server 2016. Attention to malware settings is particularly important with Exchange to avoid long processing times during installation and upgrade, as well as unexpected performance issues. The Exchange team recommends the Exchange installation and setup log folders be excluded from scanning in Windows Defender and other Anti-Virus software. Exchange noderunner processes should also be excluded from Windows Defender.

.Net 4.6.2 Support

.Net 4.6.2 is included with Windows Server 2016. Customers deploying Exchange on Windows Server 2016 must use .Net 4.6.2 and Cumulative Update 3 or later. We plan to add support for .Net 4.6.2 on Windows Server 2012 or Windows Server 2012R2 in our December releases of Exchange Server 2016 and 2013. .Net 4.6.2 will be required for Exchange Server 2016 and 2013 on all supported operating systems in March 2017. We advise customers to start evaluating requirements to move to .Net 4.6.2 now.

High Availability Improvements

One of the challenging areas in some on-premises environment is the amount of data replicated with each database copy. In Exchange Server 2016 Cumulative Update 3, network bandwidth requirements between the active copy and passive HA copies are reduced. The Exchange Server Role Requirements Calculator has been updated to reflect these improvements. The local search instance reads data from a database copy on the local server, also known as “Read from Passive”. As a result of this change, passive HA copy search instances no longer need to coordinate with their active counterparts in order to perform index updates. Lagged database copies still coordinate with their active counterparts to perform index updates. This change also reduces database failover times when compared to Exchange Server 2013.

Installing from a Mounted .ISO using Local Languages

.ISO’s mounted on localized versions of the operating system function correctly with Cumulative Update 3. Support for local language setup experience is limited to the 11 server languages supported by Exchange Server 2016.

Pre-Requisite Installation Behavior Updated

In previous releases of Exchange Server 2016 and 2013, servers were placed into server-wide off-line monitoring states during pre-requisite analysis and pre-requisite installation. This behavior is changed in the September cumulative update releases. Setup will now place a server in off-line monitoring mode when installation of new Exchange binaries begins. This change allows customers who are using the GUI upgrade experience to delay changing the monitoring state until after pre-requisite analysis confirms the server is ready for installation. The monitoring state will be configured when the user selects to proceed to the binary installation step. For customers using command line setup, placing the server into the off-line monitoring state is also delayed until pre-requisite analysis is completed and all pre-requisites are met. Once pre-requisites are confirmed, command line setup will change the monitoring status and proceed without a delay into the actual binary upgrade process.

Latest Time Zone and Security Updates

Exchange Server 2016 Cumulative Update 3 and Exchange Server 2013 Cumulative Update 14 include the security updates released in MS16-108. All of the September Exchange releases include support for Time Zone updates released through the month of August. Update Rollup 21 for Exchange Server 2007 and Update Rollup 15 for Exchange Server 2010, part of our September releases, were released as security bulletin MS16-108.

Refreshed People Experience in Outlook on the web

Exchange Server 2016 Cumulative Update 3 includes an updated view of Contact information and Skype for Business presence information. These changes mirror the current experience of Office365.

Countdown to Exchange Server 2007 End of Life (EOL)

We are now only seven months away from Exchange Server 2007 going out of support (Exchange Server 2007 T-1 year and counting). Customers still running Exchange Server 2007 should be implementing plans to move to Exchange Server 2013 or Office 365 to ensure uninterrupted access to support and product fixes.

Release Details

KB articles which contain greater depth on what each release includes are available as follows:

Exchange Server 2016 Cumulative Update 3 does include updates to Active Directory Schema. These updates will apply automatically during setup if the permissions and AD requirements are met during installation. If the Exchange Administrator lacks permissions to update Active Directory Schema, a Schema Admin needs to execute SETUP /PrepareSchema before installing Cumulative Update 3 on the first Exchange server. The Exchange Administrator should also execute SETUP /PrepareAD to ensure RBAC roles are updated correctly.

Exchange Server 2013 Cumulative Update 14 does not include updates to Active Directory, but may add additional RBAC definitions to your existing configuration. PrepareAD should be executed prior to upgrading any servers to Cumulative Update 14. PrepareAD will run automatically during the first server upgrade if Setup detects this is required and the logged on user has sufficient permission.

Additional Information

Microsoft recommends all customers test the deployment of any update in their lab environment to determine the proper installation process for your production environment. For information on extending the schema and configuring Active Directory, please review the appropriate TechNet documentation.

Also, to prevent installation issues you should ensure that the Windows PowerShell Script Execution Policy is set to “Unrestricted” on the server being upgraded or installed. To verify the policy settings, run the Get-ExecutionPolicy cmdlet from PowerShell on the machine being upgraded. If the policies are NOT set to Unrestricted you should use the resolution steps in KB981474 to adjust the settings.

Reminder: Customers in hybrid deployments where Exchange is deployed on-premises and in the cloud, or who are using Exchange Online Archiving (EOA) with their on-premises Exchange deployment are required to deploy the most current (e.g., 2013 CU14, 2016 CU3) or the prior (e.g., 2013 CU13, 2016 CU2) Cumulative Update release.

For the latest information on Exchange Server and product announcements please see What’s New in Exchange Server 2016 and Exchange Server 2016 Release Notes. You can also find updated information on Exchange Server 2013 inWhat’s New in Exchange Server 2013, Release Notes and product documentation available on TechNet.

Note: Documentation may not be fully available at the time this post was published.

Written by Misha Hanin

Trusted Business & Technology Advisor, Solutions Managing Director & Senior Solutions Architect at iRangers International Inc. with more than 25 years of experience in the field of information technology, infrastructure analysis and design, implementing innovative and leading technologies for International companies around the globe in public and private sectors.

Over the years I was able to develop very strong technical and engineering skills which helped me to earn trusted advisor status with our clients. As one of the nearly 500 trained Microsoft Certified Masters (MCM) in The World (during 10 years existence of MCM program, just about 500 people in The World participated in this very intensive training), I have a winning track record in building and bringing projects to operational and measurable success.

I am honored to have been awarded Microsoft Most Valuable Professional (MVP). This award is given to "exceptional, independent community leaders who share their passion, technical expertise, and real-world knowledge of Microsoft products with others."