Below you may find the list of Windows updates affecting OA provisioning.
The Operations Automation team uses the following testing and publishing method for Windows security updates.
All internal testing environments used by the QA and Development departments are configured to install all Windows security updates as they arrive. This is done using a pre-configured WSUS policy.
If any update affecting provisioning is found during these tests, it will be included in this KB.
If you install updates and they affect the live provisioning system, then a support case should be opened. The support team will analyze the case, and the update will be included in this KB article if it is determined to affect provisioning.
Please also refer to the Microsoft Windows Updates supported by OA article, which contains the list of Windows updates checked by OA QA and Development teams in the past, along with testing statuses.
|Date||KB number||KB description||Issues found|
|Dec, 2014||KB3004394||December 2014 update for Windows Root Certificate Program in Windows||Description: After update is installed, the installation and update of PA agents can lasts hour. Reason and How to fix: Remove KB3004394|
|Sep 14, 2010||KB982802||MS10-066: Vulnerability in remote procedure call could allow remote code execution||Description: After Microsoft Remote Procedure Call (RPC) Security Patch MS10-066 is installed, the BlackBerry Enterprise Server User Administration tool stops functioning. Reason and How to fix: Refer to BlackBerry Knowledge Base article BlackBerry User Administration client commands fail after Microsoft Patch MS10-066 is installed.|
|Oct 26, 2009||KB974571||MS09-056: Vulnerabilities in CryptoAPI could allow spoofing||**Description**: After KB974571 (MS09-056: Vulnerabilities in CryptoAPI could allow spoofing) is installed on OCS nodes, services that are required by Communications Server are not started after you install the update and then restart a computer that is running Communications Server. **Reason**: CryptoAPI changed and services validation is broken. **How to fix**: Download and install OCSASNFix.exe as described in section "Resolution for these known issues" of the KB.|
|Oct 26, 2009||KB968930||Windows Management Framework Core||**Description**: After KB968930 (Windows Management Framework Core) is installed on the MPS node, some Hosted Exchange provisioning tasks fail with the error "A parameter cannot be found that matches parameter name 'Alias.'" **Reason**: The updated PowerShell 2.0 does not accept the Alias parameter of the Set-mailboxcmdlet **How to fix**: Problem described in [KB2087941](http://support.microsoft.com/kb/2087941) and fixed in Update Rollup 8 for Hosted Messaging and Collaboration 4.5|
|Aug 24, 2009||Download||Exchange Server 2007 Service Pack 2||**Description**: Some Public Folders-related provisioning tasks fail after installing Exchange 2007 SP2 on MPS nodes. **Reason**: Property names were changed in Public folder-oriented cmd-lets used by provisioning tasks. **How to fix**: Do not install the SP2 on MPS node(s). Use previous latest version instead (SP1 with Rollups). The note has also bee added to the OA Hosted Exchange Deployment guide.|
|Sep 10, 2009||KB970162||Update Rollup 9 for Exchange Server 2007 Service Pack 1||**Description**: Some providers enable non-secure POP3 and IMAP4 authentication for end-customers. In such configurations, the Rollup installation resets service settings and denies authentication using plain text. **Reason**: Default (more secure) authentication settings are applied to POP3/IMAP4 services during the KB installation. **How to fix**: If non-secure configuration is needed, call the following cmd-lets on CAS servers to fix it: `Set-PopSettings -LoginType PlainTextLogin Set-ImapSettings -LoginType PlainTextLogin`|
Below is the list of other sources with HMC update testing statuses:
- Windows Update Compatibility tests by HMC team from Microsoft: HMC 4.0, HMC 4.5
- Hosted Messaging and Collaboration Knowledge Base Articles: HMC 3.5, HMC 4.0 and HMC 4.5. These articles outline the fixes and updates that have been tested by Microsoft and are certified to work with the respective HMC offerings.