Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



Unpatch Wednesday: Microsoft Pulls Flawed Exchange Server Patch

Just 24 hours after shipping a critical Exchange Server 2013 patch to cover several remote code execution vulnerabilities, Microsoft has yanked the update because it causes a corruption in the index database.

Just 24 hours after shipping a critical Exchange Server 2013 patch to cover several remote code execution vulnerabilities, Microsoft has yanked the update because it causes a corruption in the index database.

Microsoft is urging all Exchange Server 2013 users to hold off on deploying the patch until a corrected version can be issued.

“Late last night we became aware of an issue with MS13-061 security update for Exchange Server 2013. Specifically, after the installation of the security update, the Content Index for mailbox databases shows as Failed and the Microsoft Exchange Search Host Controller service is renamed,” said Ross Smith, a principal program manager at Microsoft.

Microsoft LogoSmith warned that this glitch affects all Mailbox server installations, leading the company to pull the update temporarily.

For those that have already installed the MS13-061 security faulty update, Microsoft has shipped a workaround (KB 2879739) that provides steps on how to resolve the problem

The workaround s trivial and involves resetting registry entries.

Microsoft has struggled with faulty patches in the past but has done a better job recently of testing and finding problems before updates ship on Patch Tuesday.

However, in this case, Microsoft’s Smith said the patch “did not get deployed into our dogfood environment prior to release.” He did not provide reasons for the lack of quality assurance testing.

Advertisement. Scroll to continue reading.

“We will work very hard to regain your trust and confidence. With that said, we have recently made the decision to delay the release of Exchange 2013 RTM CU3 by several weeks to ensure that we have enough run time testing within our dogfood environment. Also, we will ensure that all patches are deployed in our dogfood environment prior to release going forward,” Smith said.

He said the changes in testing patches may lead to a chance in the once-per-quarter Exchange Server patch release cycle.

The MS13-061 update was shipped to fix three “publicly disclosed “vulnerabilities in Microsoft Exchange Server. The vulnerabilities could allow remote code execution and a complete compromise of a vulnerable system.

It is rated “critical” for all supported editions of Microsoft Exchange Server 2007, Microsoft Exchange Server 2010, and Microsoft Exchange Server 2013.

However, the faulty patch does not affect Exchange 2010 and Exchange 2007 because those servers employ a different indexing architecture, Smith said.

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.