Exchange 2013 RTM CU3 has now been released to the download centre.
CU3 includes fixes for customer reported issues, minor product enhancements and previously released security bulletins. A complete list of customer reported issues resolved in Exchange Server 2013 CU3 can be found in Knowledge Base Article KB2892464.
Note that the filename now reflects the actual CU!
There is also an accompanying KB article that describes the fixes and changes in the CU!
2865161 "Errors: Failed exporting item id: from source id" when you try to copy search results in an Exchange Server 2013 environment
2871980 Child domains are not displayed for selection when you create a mailbox by using EAC in an Exchange Server 2013 environment
2878160 "The Active Directory user wasn't found" error when you create or update an In-Place eDiscovery search in an Exchange Server 2013 environment
2882608 Exchange Server 2013 does not share the inproxy.dll file
2886115 Retention policies are not applied to Exchange Server 2013 mailboxes when user accounts are on different domains
2888274 WebClientReadFormQueryString string and WebClientEditFormQueryString string return incorrect URLs in an Exchange Server 2013 environment
2888315 Event 2112 or 2180 is logged when you try to back up a database in an Exchange Server 2013 environment
2888612 Retention policy does not work after you run a cmdlet in an Exchange Server 2013 environment
2889786 Sign-in format for Outlook Web App on mobile devices is not adjusted according to the Set-OwaVirtualDerictory cmdlet in an Exchange Server 2013 environment
2890650 Items in the Drafts folder are not stamped with the retention policy tag in an Exchange Server 2010 or 2013 environment
2895487 "Copy Search Results" option does not work in an Exchange server 2013 environment
2895500 DBCS characters appear garbled when you run some PowerShell scripts in EMS in an Exchange Server 2013 environment
2895678 "Nombre de usuario\dominio" is displayed unexpectedly on the Spanish version of the OWA and EAC logon pages in an Exchange Server 2013 environment
2902929 You cannot forward an external meeting request in an Exchange Server 2013 environment
2902934 Korean language localization issue in Exchange 2013 OWA user interface
2902936 You cannot change SMTP addresses for distribution groups by using EAC in an Exchange Server 2013 environment
2902938 You cannot preview Office documents in shared folders by using Outlook Web App in an Exchange Server 2013 environment
2902939 EMS connection error when you separately install an Exchange Server 2013 Mailbox server and a Client Access server
2883203 Exchange Server 2013 restarts frequently after Cumulative Update 2 is installed
2890814 No redirection to the Outlook Web App URL for Exchange Online users in an Exchange hybrid deployment
As with previous CUs, CU3 follows the new servicing paradigm that was previously discussed on the blog. The CU3 package can be used to perform a new installation, or to upgrade an existing Exchange Server 2013 installation to CU3. You do not need to install Cumulative Update 1 or 2 for Exchange Server 2013 when you are installing CU3. Cumulative Updates are well, cumulative. What else can I say,,,,
After you install this cumulative update package, you cannot uninstall the cumulative update package to revert to an earlier version of Exchange 2013. If you uninstall this cumulative update package, Exchange 2013 is removed from the server.
Note that customised configuration files are overwritten on installation. Make sure you have any changes fully documented!
What do I mean by that? Well, you need to ensure that you are fully informed about the caveats with the CU and are aware of all of the changes that it will make within your environment. Additionally you will need to test the CU your lab which is representative of your production environment.
Cheers,
Rhoderick
>>>
Kris Waters, one of my great colleagues from the US, originally posted a really neat list of items which can mitigate issues found in a lot of large scale Exchange deployments. Please take the time to review her post here. There are a lot of valuable pointers in her blog, so definitely check it out!
In addition there are a couple of other items listed below that you may also want to review.
As Kris states, please ensure that you carefully review and test any items mentioned here prior to placing them into production! As I like to say, some of these items follow the Captain Jack Sparrow words of wisdom – the pirate’s code is more what you’d call guidelines than actual rules… In other words carefully consider each on its on merits and how it relates to your organisation!
Update 27-11-2013: Added Logging section
Update 8-1-2014: Added RPC Client Access detail to Logging section
Update 21-6-2014: Added additional cluster hotfix information
This hotfix is strongly recommended for DAG servers, and has been for some time now. This resolves several issues in Windows 2008 R2 SP1. Exchange 2010 SP3 will prompt to install this update if it is not installed. The is the GUI view, and the same message is also displayed using command line setup.
Most Exchange admins will be aware of this issue, but what is sometimes then missed is the other base Cluster Hotfixes that are recommended by the cluster team. For example:
Recommended hotfixes for Windows Server 2008-based server clusters
Recommended hotfixes and updates for Windows Server 2008 R2 SP1 Failover Clusters
Recommended hotfixes and updates for Windows Server 2012-based failover clusters
Exchange 2010 is typically installed onto Windows 2008 R2, well at least most of the customers I visit do this, so looking at the 2008 R2 cluster updates in detail we see that in the general section there is an “interesting” hotfix contained in KB 2524478 The network location profile changes from "Domain" to "Public" in Windows 7 or in Windows Server 2008 R2. This was something that you can find a previous post on here. On a recent case I also saw this change once the server had been running for a wile. This customer had various network issues that seemed to exacerbate this issue.
Make sure that the network card drivers and firmware are at the correct build level. This can be a tricky one as you do not necessarily want to just stick on the latest available driver as it was just released. By carefully testing and evaluating releases you can determine the appropriate builds in conjunction with your hardware vendor of choice.
One other item that is now critical is the firmware of the blade chassis. Also make sure that its firmware and management components are also at the correct build level.
There are also issues with NIC reverting to a power save state and dropping traffic.
Please see the original post here.
In addition to ensuring that the monthly security updates are installed we sometimes see issues with the following items and it can pay off to keep them in mind when troubleshooting:
An issue with modern Exchange servers installed on blades is that the blade can have 256GB of memory, but only 146GB drives installed locally so how to configure the pagefile? Pagefile still needs to be RAM + 10 MB for performance and dumpfile reasons. Where to put it then and preserve the ability to capture complete memory dumps?
Traditionally if you select the Complete memory dump option, you must have a paging file on the boot volume that is sufficient to hold all the physical RAM plus 1 megabyte (MB). That does not work in the scenario above!
In Windows Vista, in Windows 7, in Windows Server 2008, and in Windows Server 2008 R2, this paging file can be on a partition that differs from the partition on which the operating system is installed as discussed in Overview of memory dump file options. There is also another hotfix available that allows you to create a dump file even if you have no pagefile configured at all! No Exchange admin should be doing this as Exchange requires the pagefile configuration mentioned above!
One note on storport that needs to be called out. You must check with the storage vendor, especially when SAN storage is used, to ensure the storage vendor supports the version of storport. The last thing you want is to have performance issues, call them for support and be told that you are in an unsupported position. That will spoil your day in a hurry!
One interesting issue I did see was around very slow access to performance counters. The underlying issue was with the Remote Registry service as it was leaking resources. This is resolved with hotfix 2699780.
Windows 2008 R2 has an networking issue when a server has more than 32GB RAM. This is covered in KB 2634907
Hotfix 2497453 is required to resolve an issue with the .NET Framework. This issue manifests itself when Exchange 2010 SP1 is installed due to the Free/Busy intercept mechanism which was introduced in Exchange 2010 SP1. This issue is discussed here.
Exchange 2010 SP3 should be installed or you are in the planning stages to install it. Exchange 2010 SP2 will move out of support on the 8th of April 2014.
Note that in Exchange 2010 not all logging is enabled by default. So if an issue occurs you may need to enable logging and then wait for the issue to reoccur.
Note that the log location must be set first, and then the logging can be enabled
Set-ImapSettings -Server Exch-1 -LogFileLocation D:\Logs\IMAP
Set-ImapSettings -Server Exch-1 -ProtocolLogEnabled $true
Set-PopSettings -Server -LogFileLocation D:\Logs\POP
Set-PopSettings -Server <servername> -ProtocolLogEnabled $true
Note that the format is server\connector name. In the below example Exch-1 is the server, and "Default Exch-1" is the default receive connector on that server.
Set-ReceiveConnector "EXCH-1\Default EXCH-1" -ProtocolLoggingLevel Verbose
Set-SendConnector Interwebs -ProtocolLoggingLevel Verbose
Set-TransportServer Exch-1 -IntraOrgConnectorProtocolLoggingLevel Verbose
By default, throttling logging is disabled for the RPC client access service. Therefore, you will not see throttling information in the RPC Client Access logs. To enable throttling logging, follow these steps:
Be aware of the wrapping issue with the Windows 2008/2008 R2 cluster log .ETL files
While we do NOT support directly manipulating the DAG’s underlying cluster, it is very useful to look at the cluster logs if there is an issue. By ensuring that the cluster logs are sized correctly there is less risk of losing valuable troubleshooting data.
The default cluster log is 100 MB. In the examples below the new size is indicated by XXX. Size this so you have sufficient cluster log data retention.
To modify using PowerShell
Set-ClusterLog –Size XXX
To Modify using cluster.exe
Cluster.exe LOG /Size:XXX
In the newer versions of Windows, the failover cluster human readable log is not present on disk and must be explicitly generated. This is different from Windows 2003 and 2000 Failover Clustering where the readable log file was present without any intervention.
This can be done via the command prompt or PowerShell.
Cluster.exe LOG /GEN
Look for the log on each cluster member in the local C:\Windows\Cluster\Reports folder.
Sometimes you may want to look at logs individually, but typically the command will look like this to dump the cluster log from all notes to a specified central directory so you do not have to manually pull them together:
Cluster.exe LOG /GEN /COPY:<Directory>
If you want to get the logs only for the last 90 minutes then we can add the SPAN parameter. The below example copies the logs from all servers to the C:\Clustlog folder on the local server executing the command:
Cluster.exe LOG /GEN /COPY:"C:\Clustlog" /SPAN:90
Additional information can be found on TechNet.
Get-ClusterLog
Typically the command will look like this to dump the cluster log from all notes to a specified directory:
Get-ClusterLog –Destination ‘directory’
We do not recommend changing the default cluster inter and intra subnet heartbeat intervals as a means to resolve underlying network issues. The network issue should be fixed. Increasing the heartbeat settings merely masks the underlying issue.
To check what is currently set we can run:
Cluster.exe /cluster:<ClusterName> /prop
This will return the following entries:
CrossSubnetDelay 1000 CrossSubnetThreshold 5
SameSubnetDelay 1000 SameSubnetThreshold 5
Or in the land of PowerShell, we can use Get-Cluster to see the properties but make sure that the PowerShell module is loaded up first:
Import-Module FailoverClusters
Then we can run:
Get-Cluster | Format-List *
Note that there is an asterisk after the Format-List command. That always gets me!!
Office 2010 Filter pack SP2 is available
Ensure that your users receive the appropriate throttling policy, and the same applies to service accounts!
The default throttling policy should remain unchanged, and you should create new throttling policies for each of the groups of users you wish to have different settings.
One other item worth mentioning is that some of the throttling infrastructure changes have gone unnoticed. This is generally when I see folks running:
Set-Mailbox <mailboxname> –ThrottlingPolicy MyCustomPolicy
That’s great, but that is only a mailbox. What about machines that need to interact with Exchange where the content is a computer object rather than a mailbox?
To enhance this the Get-ThrottlingPolicyAssociation and Set-ThrottlingPolicyAssociation cmdlets were adding in Exchange 2010 SP1. Use the Set-ThrottlingPolicyAssociation cmdlet to associate a throttling policy with a specific object. The object can be a user with a mailbox, a user without a mailbox, a contact, or a computer account
Update 9-4-2014: Please see this other post for a more detailed discussion on quarantine.
The default time out for mailbox quarantine in 6 hours in Exchange 2010. In the scenario where an exec’s mailbox gets quarantine at 09:00 local time then it will stay quarantined until 15:00 unless you take action.
This may not be acceptable for some organisations, and the default value can be changed.
The settings for the amount of failures that lead to quarantining a mailbox and also for the amount of time that a mailbox should stay quarantined are stored in the MailboxQuarantineCrashThreshold and MailboxQuarantineDurationInSeconds keys in:
HKLM\SYSTEM\CurrentControlSet\Services\MSExchangeIS\<Server Name>\Private-{db guid} subkey.
The default values for these keys are three failures for MailboxQuarantineCrashThreshold and 21,600 seconds (six hours) for MailboxQuarantineDurationInSeconds.
KB 2603736 discusses the issue.
I wish I had money for every time I asked if SCOM is monitoring Exchange and the reply is yes! Then we find out that the MP was imported and nothing else was done. That is not really what we need. Make sure all the events that you are interested in are actually monitored. Do not assume the default MP is all you need.
You will also find that overrides will be necessary to suppress items that are not relevant to your business. For Example:
Be sure to set the CAS URLs as per design and not overlook any.
Also ensure that when new Exchange servers are deployed that their URLs are changed immediately to the correct values and not left at the default ones.
Be sure to manage Outlook settings fully via GPO. You have AD and GPOs so use them to your full advantage! Do not let users create Personal Storage Tribbles (PSTs), lock those settings down!
Ensure that Outlook is properly patched to mitigate any security issues, and also to provide fixes to issues! Neglecting client maintenance will lead to end user impact and should not be over looked.
Understand that mailbox auditing is disabled for all mailboxes by default. If you need, or ever will need, the ability to audit activity against mailboxes then you must manually enable this *BEOFORE* and incident ever happens. If you do not enable this, then there will be no audit data to review.
Administrator audit logging is enabled by default. This now saves to an arbitration mailbox in Exchange 2010 SP1 and beyond. It will log all changes made to the environment. Get cmdlets are not saved in the audit log.
Previously we discussed how to customise Exchange 2010 RBAC to delegate creating mail enabled contacts. The intent of that original post was to allow for the for creation of simple mail enabled contacts that would facilitate sharing the SMTP address of a person outside the Exchange organisation.
Marc commented on that post as the provided solution did not fit his requirements which were different. There was no intent to go and modify the details of the contact objects in the original post. Phone number, office and location amongst others were not required. Marc on the other hand does want these fields to be edited. So what to do? Time for some more RBAC fun!!!
Let’s assume that we are at the end state of the previous blog, all those steps were followed and the custom RBAC role of “AD-Contact-Editors” exists as documented in that post. This would involve running the following PowerShell commands:
New-ManagementRole -Name AD-Contact-Editors -Parent "Mail Recipient Creation" Get-ManagementRoleEntry -Identity AD-Contact-Editors\* | Where-Object {$_.Name -ne 'Get-MailContact'} | Remove-ManagementRoleEntry Add-ManagementRoleEntry -Identity "AD-Contact-Editors\New-MailContact" Add-ManagementRoleEntry -Identity "AD-Contact-Editors\Remove-MailContact" Add-ManagementRoleEntry -Identity "AD-Contact-Editors\Get-Recipient" Add-ManagementRoleEntry -Identity "AD-Contact-Editors\Set-Recipient" New-ManagementRoleAssignment -Role AD-Contact-Editors -User User-1
New-ManagementRole -Name AD-Contact-Editors -Parent "Mail Recipient Creation"
Get-ManagementRoleEntry -Identity AD-Contact-Editors\* | Where-Object {$_.Name -ne 'Get-MailContact'} | Remove-ManagementRoleEntry
Add-ManagementRoleEntry -Identity "AD-Contact-Editors\New-MailContact"
Add-ManagementRoleEntry -Identity "AD-Contact-Editors\Remove-MailContact"
Add-ManagementRoleEntry -Identity "AD-Contact-Editors\Get-Recipient"
Add-ManagementRoleEntry -Identity "AD-Contact-Editors\Set-Recipient"
New-ManagementRoleAssignment -Role AD-Contact-Editors -User User-1
They should all be on a single line, but may wrap.
Note that the Management Role has been assigned to an individual account – please see the note below on assigning to a group for production usage.
The AD-Contact-Editors custom management role should contain the following cmdlets:
Opening up ECP shows that User-1, who is assigned this custom RBAC role, can Create and Delete contacts. Note that there is no details button, thus a contact cannot be edited once created, and additionally the capability to edit other properties of the contact are not exposed.
As mentioned in the other post, AD-Contact-Editors is a copy from the built in “Mail Recipient Creation” role since that was the only role which has the New-MailContact cmdlet. However, it does not contain the Set-MailContact cmdlet, and since the cmdlet does not exist in the parent role it can never be added to the child role. So if we want to provide the capability to run Set-MailContact then we will need to do some more delegation work in RBAC!
As before, lets see where the Set-MailContact cmdlet lives:
Get-ManagementRole –Cmdlet Set-MailContact
We can see that Set-MailContact lives in three places. In this case we want to leverage the Mail Recipients built in role, so we shall make a copy of that to work with! For lack of imagination, this new custom role will be called: AD-Contact-Editors-Recipients.
Lets create the role, by copying the parent role:
New-ManagementRole -Name AD-Contact-Editors-Recipients -Parent "Mail Recipients"
The Mail Recipients role contains a lot of unwanted cmdlets for this task, and since AD-Contact-Editors-Recipients is a direct copy then it too will contain the same unwanted cmdlets. Lets flush out all cmdlets apart from Get-MailContact.
Get-ManagementRoleEntry -Identity AD-Contact-Editors-Recipients\* | Where-Object {$_.Name -ne 'Get-MailContact'} | Remove-ManagementRoleEntry
The above should be on one line, but may wrap.
After pressing “A” to accept that all the cmdlets will be removed, lets check the current contents of our custom AD-Contact-Editors-Recipients role:
Get-ManagementRoleEntry -Identity AD-Contact-Editors-Recipients\*
That looks good! It only contains the Get-MailContact cmdlet – all the others were removed. Now we can add back in the couple of cmdlets that we need by running all of these commands:
Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Set-MailContact" Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Enable-MailContact" Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Disable-MailContact" Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Set-Contact" Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Get-Contact"
Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Set-MailContact"
Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Enable-MailContact"
Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Disable-MailContact"
Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Set-Contact"
Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Get-Contact"
I won’t screenshot you to death, so here is just one image showing the above being added back in:
Again, lets check to see the cmdlets contained within the Role:
Looking good!
Update 1-6-2014: The focus of the post was on the above items, since creating the custom RBAC role is the hardest part of the process. Initially this role was directly assigned to an end user called “User-1”, but have also added the steps so that the role assignment has also been done to a Role Group as well. Thanks for the feedback folks! For testing purposes individual assignment is fine, though in production usage groups will be used. Just the same as for NTFS permission assignment….
If you want to assign directly to an individual account, then execute the:
New-ManagementRoleAssignment -Role AD-Contact-Editors-Recipients -User User-1
Alternatively if you want to assign to a brand new Role Group called “AD-Contact-Editors-RG” then execute:
New-RoleGroup AD-Contact-Editors-RG -Description "Contact Creators" -Roles "AD-Contact-Editors-Recipients"
If assigning the management Role to a group, we also need to ensure that the test account is added to the Role Group:
Add-RoleGroupMember -Identity AD-Contact-Editors-RG -Member User-1
And then we can run Get-RoleGroupMember to verify the membership addition.
Get-RoleGroupMember -Identity AD-Contact-Editors-RG
Moving on now to the most important part, testing!
Logging onto ECP as the test account (User-1), now shows that the details button has been enabled when looking at the contact objects:
We can edit the contact, and fill in some meaningless data!
Once the changes have been saved, AD users and computers then displays the updated fields:
Since our test user now has RBAC Role Assignments to both the AD-Contact-Editors and AD-Contact-Editors-Recipients custom roles, they are now able to create, delete and modify contact objects! The two RBAC Role Assignments can be seen below:
To summarise the commands used:
New-ManagementRole -Name AD-Contact-Editors-Recipients -Parent "Mail Recipients" Get-ManagementRoleEntry -Identity AD-Contact-Editors-Recipients\* | Where-Object {$_.Name -ne 'Get-MailContact'} | Remove-ManagementRoleEntry Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Set-MailContact" Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Enable-MailContact" Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Disable-MailContact" Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Set-Contact" Add-ManagementRoleEntry -Identity "AD-Contact-Editors-Recipients\Get-Contact" New-ManagementRoleAssignment -Role AD-Contact-Editors-Recipients -User User-1
.
If needed we could have scoped RBAC down even further and limited the actual contact fields they were allowed to modify. Maybe that’s a post for another day!
* – The super eagle eyed out there may notice the deliberate image issue above
As announced on the Windows Server blog last month, the team has released Windows Server 2012 R2 for General Availability. Download the Windows Server 2012 R2 evaluation or use our free Windows Server 2012 R2 Virtual Labs to test the product online without installation.
Then, learn directly from Microsoft's product experts with a series of new Windows Server 2012 R2 courses on Microsoft Virtual Academy:
Windows Server 2012 R2: Networking
Windows Server 2012 R2: Server Management & Automation
Windows Server 2012 R2: Web and Application Platform
Windows Server 2012 R2: Access and Information Protection
View all of the latest courses on Windows Server 2012 on the MVA Windows Server Topic Page.
Some highlighted content below that may pique your interest!
>>
Learn the new features in Exchange server 2013 in this introductory course.
Are you planning an upgrade to Microsoft Exchange Server 2013, or do you just want to know more about what it would involve? Take this fast-paced, demo-rich Jump Start course about planning, deploying, and managing Microsoft Exchange Server 2013 on-premises. You’ll find out how to manage the messaging infrastructure and provide high availability and security through live demos geared to your business needs. This Jump Start is appropriate for anyone upgrading from earlier versions of Exchange as well as IT Pros new to Exchange but with prior networking experience. It will help you prepare for Exam 70-341
Learn how System Center 2012 R2 can help manage Windows Server 2012 R2
Microsoft experts have released a series of new MVA courses on Windows Server 2012 R2. Get insight into industry trends, performance levels, and network performance with our server networking course.
Free MVA course – Windows Server 2012 R2: Server Management & Automation
Learn to create a more efficient work environment through management and automation within Windows Server 2012 R2. The course also detailing new management capabilities, updates to Windows PowerShell, deployment options and methods, and MultiServer Management capabilities.
Overcome the technical challenges involved in integrating private & hybrid cloud services.
Learn about Microsoft's commitment to delivering an end-to-end solution for self-service delivery of multi-tenant cloud services directly from the experts.
Learn how Windows Server 2012 R2 helps you provision, manage and secure devices.
The world of bring-your-own devices (BYOD) provides businesses and users with flexible and low-cost productivity and connection solutions. At the same time, it presents IT Pros and admins with serious challenges in securing their infrastructure. This new course from MVA will teach you how Windows Server 2012 R2 helps you provision, manage and secure devices while creating a seamless experience for the user.
The Exchange team today announced the availability of Update Rollup 3 for Exchange Server 2010 Service Pack 3. RU3 is the latest rollup of customer fixes available for Exchange Server 2010. The release contains fixes for customer reported issues and previously released security bulletins.
Update: 6-2-2014 Folder views are not updated when you arrange by categories in Outlook after you apply Exchange Server 2010 Service Pack 3 Update Rollup 3 or Update Rollup 4
>
Exchange 2010 SP3 RU3 is not considered a security release as it contains no new previously unreleased security bulletin, but does contain all previous fixes. Exchange 2010 SP3 RU2 did include a security fix, which is present in RU3.
This is build 14.03.0169.001 of Exchange 2010, and KB2891587 has the full details for the release.
2878175 Client Access server crashes when you use Outlook with a Riverbed WAN optimizer in an Exchange Server 2010 environment
2839533 RPC Client Access service freezes in an Exchange Server 2010 environment
2879320 Retention action setting is not updated in FAI items by running the Set-RetentionPolicyTag cmdlet in an Exchange Server 2010 environment
2880153 RPC Client Access Service crashes if Outlook is in online mode in an Exchange Server 2010 environment
2715761 "550 5.6.0" NDR when you send a yearly recurring meeting request in an Exchange Server 2010 environment
2840454 "The rules on this computer do not match the rules on Microsoft Exchange" error when you manage rules by using Outlook 2013 in an Exchange Server 2010 environment
2874070 Public folders are exposed although the user does not have rights to see the parent folders in an Exchange Server 2010 SP3 environment
2879736 Office 365 users cannot retrieve an on-premises user’s free/busy data in an Exchange Server 2010-based hybrid deployment
2880290 RPC Client Access service crashes when you use Outlook in ANSI online mode in an Exchange Server 2010 environment
2882467 RPC Client Access service stops if Outlook is in online mode in an Exchange Server 2010 environment
2882677 BlackBerry device is not redirected in an Exchange Server 2010 environment
2886469 EAS client receives status code 8 during synchronization in an on-premises Exchange Server 2010 environment
2886567 "Objects added to a BindingSource's list must all be of the same type" error message when you add an additional domain name in Exchange Server 2010 SP3
2887574 RPC Client Access service freezes when your mailbox reaches the quota limit in an Exchange Server 2010 environment
2888406 Mailbox Replication service crashes when you try to move mailboxes in an Exchange Server 2010 environment
2888906 Events 1000, 4999, and 9775 are logged when Store.exe crashes on an Exchange Server 2010 SP3 Mailbox server
2888911 W3wp.exe crashes when you decline a meeting request by using Outlook Web App or an EWS application in an Exchange Server 2010 environment
2891194 Exchange ActiveSync devices are marked as "Blocked" in EMS and EMC when the devices are synchronizing with the Exchange Server 2010 server
2892337 Outlook client freezes when you try to sort email folders by columns in an Exchange Server 2010 environment
2893437 Delegate can read your AD RMS protected messages by using Outlook Web App in an Exchange Server 2010 environment
2896304 Background image is displayed incorrectly in an email message when a disclaimer rule is enabled in an Exchange Server 2010 environment
2899146 You cannot drag email messages to other folders by using Outlook Web App in an Exchange Server 2010 environment
Now, before we rush off to download and install this there are a couple of items to mention!