Exchange 2013 Security Update MS13-061 not recommended to install

This post is also available in: Polish

Few days ago Exchange Team relesed the first Security Update for Exchange 2013 (MS13-061).

This security update was rated as Critical and resolves three publicly disclosed vulnerabilities in Microsoft Exchange Server. The vulnerabilities exist in the WebReady Document Viewing and Data Loss Prevention features of Microsoft Exchange Server. The vulnerabilities could allow remote code execution in the security context of the transcoding service on the Exchange server if a user previews a specially crafted file using Outlook Web App (OWA).

More information you can find here:

Microsoft Security Bulletin MS13-061 – Critical

Unfortunately after some people reported issues after installing new security update for Exchange 2013 MS13-061  (KB2874216), Microsoft pulled it untill further notice.

Installation of new security update MS13-061 can breaks your installation of Exchange 2013 and you can experience the following symptoms:

  • The content index (CI) for mailbox databases shows “Failed” on the affected server.
  • The Microsoft Exchange Search Host Controller service is missing.
  • You see a new service that is named “Host Controller service for Exchange.”


So now it’s not recommended to install MS13-061 on Microsoft Exchange 2013 servers.


To resolve those problems you follow below article:

Update 2874216 breaks the content index in Exchange Server 2013

As a workaround it’s recommended to update following registry entries:


  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Search Foundation for Exchange

    Set the value of the DataDirectory registry entry to the Data directory path for the Exchange Server installation.

    For example, if the Exchange Server installation directory is C:\Program Files\Microsoft\Exchange Server\V15, you would set the value of the DataDirectory registry entry to the following:

    C:\Program Files\Microsoft\Exchange Server\V15\Bin\Search\Ceres\HostController\Data

    Set the Exchange Data Directory registry entry

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HostControllerService
    1. Set the value of the DisplayName registry entry to “Microsoft Exchange Search Host Controller.”
    2. Add a new multi-string value that is named DependOnService, and then set its value to http.
    3. Restart the Microsoft Exchange Search Host Controller service.

    Note The change to the service display name will take effect after you restart the server.


Print Friendly
Tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>