Microsoft recovered very well after a late-breaking bug affecting transport agents spoilt the release of Exchange 2013 SP1. A root cause was quickly determined and a patch made available. But curiously that patch remains invisible to anyone who doesn't realize that it exists - or might be needed. Something better can be done here!
As we all know, the happiness around the release of Exchange 2013 SP1 on February 25 was quickly pierced by reports that third-party add-on products could not be installed with SP1 due to some formatting problems in two XML configuration files included in the kit. The bug prevented the integration of transport agents used by third party products to insert code used for purposes such as applying corporate disclaimers or anti-virus checks.
Thanks to debugging done by engineers working for Microsoft and other vendors, the problem was quickly analyzed and a fix provided in short order in KB2938053, released on March 5.
So far, so good, you might think. A bug found and squashed. All is well. And so it is, provided that you know about the fix or don’t need it because you don’t use any third party products that need to insert code into the transport pipeline.
But what happens if you go to the Microsoft Download Center in a state of blissful unawareness to download Exchange 2013 SP1? You’ll certainly be able to find and download the code, but you will remain in an uninformed state because Microsoft doesn’t inform you that a patch has to be applied after SP1 is installed. The only KB article that is referenced is KB2926248, which provides a general description of the changes contained in SP1.
It seems strange that this would be the situation some two weeks after KB2938053 was released. A cynical reaction is that this is a marketing-led decision as Microsoft does not want to draw any more attention to the problem. I would rather think that it’s an oversight and that someone forgot to update the EHLO post announcing Exchange 2013 SP1 or the Download Center page to make the patch requirement more obvious. It’s true that the bug and the patch are discussed in the comments for the EHLO post, but who reads down through all of the comments for every post?
Microsoft is not going to reissue a patched Exchange 2013 SP1 kit at this point. The fix is in the code base but it won’t be provided to on-premises customers until Exchange 2013 CU5 is released following the normal quarterly update cadence, meaning that CU5 should appear sometime between the end of May and the end of June 2014 (i.e. in the second quarter).
Once CU5 appears, it then becomes the version that customers must install to get support. And because cumulative updates are full and complete versions of Exchange 2013, no further need will then exist to install SP1 (CU4), unless some operational reasons mandate this version.
Even so, it would be nice if Microsoft updated the Download Center page for Exchange 2013 SP1 to make the need for a patch more obvious. It’s just the right thing to do.
Follow Tony @12Knocksinna
Update 20 March: I enjoyed the opportunity of several email exchanges with Microsoft today. I'm not claiming credit for this, but Microsoft has just updated KB2926248 so that a warning notice about the bug is displayed. Thanks to everyone at Microsoft who listened and made this change. You know it's the right thing to do.