Microsoft Explains Flaw in RU4 for Exchange Server 2010 SP1

Microsoft provided an additional explanation on Wednesday about an Exchange Server 2010 Service Pack 1 Update Rollup 4 (RU4) problem and why this rollup was recalled.

IT pros who have downloaded RU4 should not apply it, Microsoft has advised. Those who did apply this rollup should contact Microsoft Customer Support to get an "Interim Update." The problem, in which folder data doesn't copy over into Outlook after applying the rollup, will be fixed in RU5, which Microsoft expects will be available in August.

The RU4 flaw came about after Microsoft attempted to address customer requests to make deleted public folders recoverable, Microsoft has explained. However, it's not clear why Microsoft might add a new feature to a rollup. What's considered new in a rollup seems to be a murky area. Microsoft's explanation posted on Wednesday included a comment from one reader stating that "I have generally followed the idea that update rollups should be a collection of bug fixes and should NEVER introduce 'new features' new features for the service packs."

Here is Microsoft's definition of an "update rollup" (possibly equivalent to a "rollup update"): "An update rollup is a tested, cumulative set of hotfixes, security updates, critical updates, and updates that are packaged together for easy deployment. A rollup generally targets a specific area, such as security, or a component of a product, such as Internet Information Services (IIS)."

Microsoft defines a "hotfix" in this way: "A hotfix is a single, cumulative package that includes one or more files that are used to address a problem in a product and are cumulative at the binary and file level. A hotfix addresses a specific customer situation and may not be distributed outside the customer's organization."

In any case, the problems with RU4 arose because code was removed that turned out to be still needed, according to Kevin Allison, general manager of Exchange customer experience at Microsoft. Exchange 2010 uses a new feature called "RPC [remote procedure call] client access," which functions as the messaging application programming interface (MAPI) for Outlook e-mail clients. With Exchange 2007 and Exchange 2010, Outlook clients are directed away from the Information Store and toward the RPC Client Access service to form connections. Code added to the Exchange 2003 Information Store was mistakenly thought to be legacy code, so it wasn't added to Exchange 2010. The removal of that code led to the RU4 flaw.

"As part of our investigation, we discovered that there was some specific code added to the Exchange 2003 Information Store to handle the procedure call from Outlook using the extra flag," Allison stated. "This code was also carried forward into Exchange 2007. But when the Exchange team added the RPC Client Access service to Exchange 2010, that code was not incorporated into the RPC Client Access service because it was mistakenly believed to be legacy Outlook behavior that was no longer required. That, unfortunately, turned out not to be the case."

The Exchange team uses more than 100,000 automated tests to validate products before shipping, Allison explained, along with manual validation tests if required. RU4 passed multiple copy and move tests, but the tests were not using Outlook's procedure call. Allison said that the Exchange team is now working with its counterparts on the Outlook side "to use their automated test coverage." Microsoft is also tightening up risk assessments associated with implementing customer-requested changes, he added.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


  • Microsoft Starting To Roll Out New Excel Connected Data Types

    Microsoft on Thursday announced some Excel and Power BI enhancements that add "connected data types" on top of the standard strings and numbers options.

  • Windows 10 Users Getting New Process for Finding Optional Driver Updates

    Accessing Windows 10 drivers classified as "optional updates" will be more of a manual seek-and-install type of experience, starting on Nov. 5, 2020, Microsoft explained in a Wednesday announcement.

  • Microsoft Changes Privacy Platform Name to SmartNoise

    Microsoft Research has changed the name of its "differential privacy" platform from "WhiteNoise" to "SmartNoise," according to a Wednesday announcement.

  • Why Restarting a Failed SCVMM Job Might Be a Bad Idea

    Occasionally, restarting a failed System Center Virtual Machine Manager job can leave your virtualization infrastructure in an unknown state. Here's how to avoid that.

comments powered by Disqus