Microsoft has pulled a patch released this week after it caused problems with Microsoft Exchange.
MS13-061 addressed three vulnerabilities in Exchange Server and was found to have triggered issues in version 2013, but not 2007 or 2010 environments.
"Specifically...the content index for mailbox databases shows as 'failed' and the Microsoft Exchange Search Host Controller service is renamed," Ross Smith IV, principal program manager of the Exchange Server product group said.
The three bugs lie in the way Exchange files are processed by Oracle Outside In, a set of libraries that software developers use to decode hundreds of file formats.
For administrators that already have deployed the patch, Microsoft recommends they apply KB 2879739, a workaround described here.
For those who have not yet installed the fix, the software giant suggests they don't and instead follow the steps listed in the "Workaround" section (under the "Vulnerability Information – Oracle Outside in Contains Multiple Exploitable Vulnerabilities") portion of the original security bulletin.
The patch also squashed a bypass in Address Space Layout Randomisation and Data Execution Prevention by removing all image pointers.
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
