Microsoft has released Update Rollup 7 for Exchange Server 2010 Service Pack 1.
This update rollup includes just a single update for a recent security vulnerability.
2740358 MS12-058: Vulnerability in Microsoft Exchange Server WebReady document viewing could allow remote code execution: August 14, 2012
Exchange Server 2010 SP1 Update Rollup 7 can be downloaded here.
Deploying Exchange Server 2010 SP2 Update Rollup 4
The standard order of deployment for Exchange Server updates applies.
- Client Access servers, starting with the internet-facing ones. See this article for how to patch a CAS array.
- Hub Transport and Edge Transport servers
- Mailbox servers. See this article for how to patch a Database Availability Group.
- Unified Messaging servers
You can also use Exchange MVP Andy Grogan’s RUPS tool to assist with the deployment.
Customers running Forefront Protection for Exchange need to remember to disable/enable FPE when installing update rollups.
Before installing the update, disable ForeFront by using this command: fscutility /disable. After installing the update, re-enable ForeFront by running fscutility /enable.
Or use the CustomPatchInstallerActions.ps1 script detailed here:
You should also refer to KB2743248 for guidance in the following scenarios:
- Install the update on computers that are not connected to the Internet
- Update issue on computers that have customized Outlook Web App files
- Update issue for CAS Proxy Deployment Guidance customers who deploy CAS-CAS proxying