Critical Security Update MS13-105 for Exchange Server 2007, 2010, and 2013

In the latest Patch Tuesday cycle Microsoft has released a critical update for the currently supported versions of Exchange Server.

Exchange Server 2007 and 2010 receive security updates via update rollups, therefore new update rollups have been made available. These are:

  • Exchange 2007 SP3 RU12
  • Exchange 2010 SP2 RU8
  • Exchange 2010 SP3 RU4

Note that these update rollups contain no new fixes or changes other than the security update.

Exchange Server 2013 receives security updates as standalone updates, and the new security fix is available for:

  • Exchange 2013 CU2
  • Exchange 2013 CU3

Note that Exchange 2013 RTM and Exchange 2013 CU1 are not supported in the servicing model for Exchange Server 2013 and will not receive this security update. You should update to CU2 or CU3 (preferably CU3) so that the security update is available to you.

More information including links to the downloads is available in the MS13-105 bulletin.

About Paul Cunningham

Paul is a Microsoft Exchange Server MVP and publisher of Exchange Server Pro. He also holds several Microsoft certifications including for Exchange Server 2007, 2010 and 2013. Find Paul on Twitter, LinkedIn or Google+, or get in touch for consulting/support engagements.

Comments

  1. Microsoft recommends removing CAS servers from their NLB cluster before updating. Do you know of any best practice documentation for updating CAS servers behind a hardware load balancer? Specifically a Big-IP F5. Unfortunately, F5′s deployment guides do not cover this.
    Thanks for your help,

Leave a Comment

*

We are an Authorized DigiCert™ SSL Partner.