Exchange 2013 CU17 Released


Exchange 2013 CU17 has been released to the Microsoft download centre!  Exchange 2013 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously.    CUs are a complete installation of Exchange 2013 and can be used to install a fresh server or to update a previously installed one.  Exchange 2013 SP1 was in effect CU4, and CU17 is the thirteenth post SP1 release.

Download Exchange 2013 CU17

This is build 15.00.1320.004 of Exchange 2013 and the update is helpfully named Exchange2013-x64-cu17.exe.  Which is a great improvement over the initial CUs that all had the same file name!  Details for the release are contained in KB 4012114.

Whether or not your AD Schema needs to be updated depends upon your initial Exchange 2013 version.  This will dictate if the AD Schema needs to be modified.  Check the values as noted in this post.  There may be additional RBAC definitions, so PrepareAD should be executed prior to installing CU17.  If setup detects that PrepareAD is required it should be automatically executed if the account running setup has the necessary permissions.  This was an issue first discussed in the MessageCopyForSentAsEnabled  post and in Unexpected Exchange AD Object Values.

.NET Framework 4.7 is not supported at the time of writing.

No Exchange 2010 updates were released today since Exchange 2010 is in extended support.  Updates will be released as per the extended support lifecycle policy.

Exchange 2007 is no longer supported, updates are not provided once a product has exited out of extended support.

Updates Of Particular Note

CU17 contains the latest time zone updates.

As announced in the Exchange CU16 release post the .NET framework requirement has changed.  Exchange 2013 CU16 onwards require .NET framework 4.6.2.  Please see Exchange 2013 CU16 and Exchange 2016 CU5 .NET Framework Requirement for more details.

Issues Resolved

KB4024652 Repeated IMAP SEARCH BODY requests may not return newly delivered messages in Exchange Server

KB4024651 The "MessageRetrievalMimeFormat" setting isn't honored for plain text-only email messages in IMAP in Exchange Server

KB4024650 Emoji is displayed as question marks in iOS clients in an Exchange Server environment

KB4024647 "The property is too long" error when you update the "Department" field of user mailbox in Exchange Server 2013

KB4024646 "Insufficient access rights" error when you run setup.exe as member of "Delegated Setup" group in Exchange Server 2013

Some Items For Consideration

As with previous CUs, this one also follows the new servicing paradigm which was previously discussed on the blog.  The CU package can be used to perform a new installation, or to upgrade an existing Exchange Server 2013 installation.  You do not need to install Cumulative Update 4 or 5 for Exchange Server 2013 when you are installing the latest CU.  Cumulative Updates are well, cumulative.  What else can I say…

For customers with a hybrid Exchange deployment, must keep their on-premises Exchange servers updated to the latest update or the one immediately prior ( N or N-1).

After you install this cumulative update package, you cannot uninstall the cumulative update package to revert to an earlier version of Exchange 2013. If you uninstall this cumulative update package, Exchange 2013 is removed from the server.

  • Test the CU in a lab which is representative of your environment
  • Review this post to also factor in AD preparation which is to be done ahead of installing the CU onto the first Exchange server
  • Follow your organisation’s change management process, and factor the approval time into your change request
  • Provide appropriate notifications as per your process.  This may be to IT teams, or to end users.
  • Place the server into SCOM maintenance mode prior to installing, confirm the install then take the server out of maintenance mode
  • Place the server into Exchange maintenance mode prior to installing, confirm the install then take the server out of maintenance mode
  • I personally like to restart prior to installing CU.  This helps identifies if an issue was due to the CU or happened in this prior restart, and also completes any pending file rename operations.  3rd party AV products are often guilty of this
  • Restart the server after installing the CU
  • Ensure that all the relevant services are running
  • Ensure that event logs are clean, with no errors
  • Ensure that you consult with all 3rd party vendors which exist as part of your messaging environment.  This includes archive, backup, mobility and management services
  • Ensure that you do not forget to install this update on management servers, jump servers/workstations and application servers where the management tools were installed for an application.  FIM and 3rd party user provisioning solutions are examples of the latter
  • Ensure that the Windows PowerShell Script Execution Policy is set to “Unrestricted” on the server being upgraded or installed.  See KB981474
  • Disable file system antivirus prior to installing.  Do this through the appropriate console.  Typically this will be a central admin console, not the local machine
  • Verify file system antivirus is actually disabled
  • Once server has been restarted, re-enable file system antivirus
  • Note that customised configuration files are overwritten on installation.  Make sure you have any changes fully documented!
  • While CU17 does not add any new AD Schema changes.  If you are on an out-dated CU currently, then deploying CU17 may contain AD Schema updates for your organisation – please test and plan accordingly!  Whether or not your AD Schema needs to be updated depends upon your initial Exchange 2013 version.  This will dictate if the AD Schema needs to be modified.  Check the values as noted in this post.  Additional RBAC definitions may also be required.

Please enjoy the update responsibly!

What do I mean by that?  Well, you need to ensure that you are fully informed about the caveats with the CU  and are aware of all of the changes that it will make within your environment.  Additionally you will need to test the CU your lab which is representative of your production environment.

Cheers,

Rhoderick

Comments (30)

  1. Stephan says:

    Hi Rhoderick,
    for small companies the first point is not possible.
    -Test the CU in a lab which is representative of your environment

    We have a DAG with ~900 users and about 8TB mailboxes. Even if i install Exchange with all our settings and with some mailboxes, my boss came to me and said “MS said we have to license the servers” although they are just for testing.

    1. Christopher says:

      You don’t need to license Exchange in a test environment.

      Also Rhoderick, you haven’t mentioned it but I presume it is still a case of any version prior to CU15 will need to be upgraded to CU15 first, then .Net 4.6.2 installed and finally CU 17 installed?

      1. Christopher says:

        Ignore the second part of my reply, I’ve just read the article properly. Doh!

  2. Ryan Gauthier says:

    Rhoderick,
    I’m currently on Exchange 2013 CU14. I will be upgrading to CU15, restarting and then upgrading to .NET 4.6.2. After another restart, would I be able to jump to CU17 skipping CU16 all together?

    1. Hi Ryan – yes I see no issues with that.

      The main item is what you already identified – the jump to CU15 with .NET 4.6.2

      Cheers,
      Rhoderick

      1. Shawn Connors says:

        I am a little confused on the process. I currently run CU12 on my two Exchange 2013 servers, 1 CAS and 1 MBX server. Can I jump directly to CU17 form CU12 or do I have to do the update to CU15, install new .NET 4.6.2 and then CU17? Trying to figure out the best course before updating my systems this weekend. Great article BTW Rhoderick…
        Thanks-

        1. Shawn Connors says:

          I checked and am running .NET Framework 4.6.01055, release 394271, if that helps.
          Thx-

          1. Shawn Connors says:

            scratch that, my CAS is running 4.6.1 and for some reason my MBX is on 4.7, not sure if I should downgrade that to 4.6.2 and proceed with the CU updates, or wait for MS to clear .NET 4.7 for Exchange 2013?

  3. ihab says:

    Hi Rhoderick,
    I currently run in project to install a new Exchange 2013 servers for cross forest migration , Can I upgrade .net 4.6.2 on anew server and jump directly to CU17 or do I have to do the install CU15, install new .NET 4.6.2 and then CU17? Trying to figure out the best course before install my Exchange this weekend.
    Thanks

    1. Please see my reply to Shawn above – details are in the referenced post.

      Cheers,
      Rhoderick

  4. rino says:

    i’m about to upgrade from cu10 to cu17, do i need to go thru cu15 first? i ask because some posts says so and yet you don’t mention it here.

    1. Hi,

      You did read this bit?


      As announced in the Exchange CU16 release post the .NET framework requirement has changed.  Exchange 2013 CU16 onwards require .NET framework 4.6.2.  Please see Exchange 2013 CU16 and Exchange 2016 CU5 .NET Framework Requirement for more details.

      Cheers,
      Rhoderick

  5. Rajesh G says:

    Hi Rhoderick,

    Can we upgrade CU17 in mixed environement? Some Exchange servers with CU12 and CU15. We are planning to upgrade CU15 server to CU17 level in this case do you see any issue with ‘PrepareAD’ for CU17? does it will work?

    Or should we upgrade all servers to CU15 + .Net 462 and then upgrade to CU17 level?

    Please suggest.

    1. Yes – you can have different CU versions deployed.

      But.

      There is always a but……

      I know that you will be missing security updates if you have CU12 deployed. The recent security fixes are just not available for those builds so you must upgrade.

      https://blogs.technet.microsoft.com/rmilne/2017/07/25/july-2017-exchange-security-updates-have-you-updated/

      Cheers,
      Rhoderick

  6. Any issue with MaxHitsForFullTextIndexSearches ?

  7. Anant says:

    KB4024647 “The property is too long” error when you update the “Department” field of user mailbox in Exchange Server 2013.

    The KB mentioned above does not seems to be fixed. We could still see the same error after applying CU17 at lab setup.

    1. Anant says:

      or kindly let me know if I missed something to install, such as a pre-req.

  8. Phillip k says:

    Rhoderick, are there any known issues where a mailbox gets ‘ost cannot be created or opened’ on workstations or terminal servers in Outlook 2016 or 2013

    1. Not something that I have looked for or see Phillip.

      Is this related to other lock down or changes on the TS environment ?

      Cheers,
      Rhoderick

  9. Jose says:

    Hi. Rhoderick

    I’m in a situation where I want to upgrade my Exchange 2013 CU5 to the latest version CU17, but when I try to update it keeps trying to look for the original install file that is no longer on the server. Unfortunately, I can’t even download Exchange 2013 CU5 because it’s no longer available online. Any pointers would be greatly appreciated

  10. lucy says:

    hi got issues on my cu17 experiencing memory leak again. edgetransport.exe spikes handles is at 1000++

    1. Hi Lucy,

      Can you please get a case opened up for that so we can have a look.

      Cheers,
      Rhoderick

    2. Hi Lucy,

      Did you open up a case on that?

      Cheers,
      Rhoderick

  11. trkmany says:

    Hi, Rhoderick,
    We have two Exch 2013 servers with multi roles installed, and updated to CU15.
    can I update to CU18 directly?
    Please advice.

  12. Zied says:

    Hello, we need advise to upgrade my exchange 2013 cu6 to cu17.

  13. belikov.it says:

    Hello!
    I installed update Exch2013 CU17 using scripts Start Maintenance Mode and Stop Maintenance Mode (from Michael Van Hybrid) on the first server for each of the servers, then the migration stopped working and all the emails passed through the first server (including shadow copies).
    After script Stop Maintenance Mode the server did not restart.
    I executed the Stop script on each server separately and everything came back to normal.
    Do I need to restart server after running the script Stop Maintenance Mode?
    Thanks

Skip to main content