Microsoft patches the patch that broke Exchange Server • The Register
Microsoft has resumed the rollout of an Exchange Security update that was paused following reports of broken transport rules and disrupted email flow.
Keeping email flowing is one of the primary purposes of an email server, so the November 2024 Security Update problem was embarrassing, and it forced Microsoft to halt the rollout as it addressed the technical glitch.
Exchange Online was already protected from the flaws being patched in the update, hybrid or fully on-premises Exchange Server users required the fixes.
The buggy update was particularly problematic for users with transport or data loss protection (DLP) rules configured as these could stop working after installation, requiring a service restart.
Microsoft did not explain precisely what it fixed, only that “the re-released SUs resolve this issue.”
The re-release was announced on Reddit by Scott Schnoll, Microsoft’s Product Marketing Manager for Exchange Online and Exchange Server. In response to one Redditor who stated: “Awesome. So I can get rid of my scheduled task which is restarting the transport services every 30 minutes,” Schnoll replied: “Yes, but you shouldn’t have been doing that in the first place. Our guidance is to uninstall the SU if you ran into the issue.”
A cynic might suggest that none of this would have been necessary if Microsoft hadn’t released a security update that broke transport rules in Exchange so severely that it had to stop the rollout to fix the code.
The past is, of course, a different country. They do things differently there. Like testing updates properly before rolling them out.
Another user commented: “Good luck to anyone patching their exchange, day before Thanksgiving in case they broke something new in this re-release.”
Microsoft referred to the original update as “Nov 2024 SUv1” in its post. The new one is “Nov 2024 SUv2.” Users who manually installed the original and encountered no issues are advised to install the replacement. Users who had the original Nov 2024 SUv1 installed through Windows Update will get the new version automatically before long.
Microsoft said: “Please note that we have delayed the release of the Nov 2024 SUv2 to Microsoft / Windows Update until December to prevent servers from automatically installing the Nov 2024 SUv2 over the US Thanksgiving holiday.” ®