Issues that Exchange 2013 cumulative update 18 fixes

New health monitoring mailbox for databases is created when Health Manager Service is restarted in Exchange Server 2013

  • A database availability group (DAG) contains at least two Exchange servers together with an active or passive mailbox database deployment.
  • Exchange servers belong to different MonitoringGroups.
  • In this scenario, when you failover the databases from Exchange server A to other Exchange servers, for example, Exchange server B, and then restart health monitoring service on Exchange server A, you find that a new health mailbox is created. This happens every time when the Exchange Health Manager Service (MSExchangeHMHost.exe) is restarted.

You receive a corrupted attachment if email is sent from Outlook that connects to Exchange Server in cache mode

  • Assume that you use Microsoft Outlook 2016 to connect to Microsoft Exchange Server 2013 or Microsoft Exchange Server 2016 in cache mode. Then, you send an email message that contains a text attachment whose size is exactly 32,732 bytes. In this situation, the recipient receives a corrupted attachment.

Synchronization may fail when you use the OAuth protocol for authorization through EAS in Exchange Server 2013

  • When you use the OAuth protocol for authorization through Microsoft Exchange ActiveSync (EAS) in a Microsoft Exchange Server 2013 environment, the synchronization may sometimes fail.
  • Note This issue may also occur in an Exchange Server 2016 environment.

Description of the security update for Microsoft Exchange: September 12, 2017

  • This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access (OWA). The vulnerability could allow elevation of privilege or spoofing in Microsoft Exchange Server if an attacker sends an email message that has a specially crafted attachment to a vulnerable server that is running Exchange Server.

Download Exchange 2013 CU18