
Be careful when you use the Exchange DST fix

I want to share a recent experience involving the daylight savings time patch for Exchange.   

As most IT professionals in the United States know, system patches are necessary this year to adjust when daylight savings time (DST) begins and ends.  Adjusting calendars in systems like Exchange can be difficult if done manually.  However, Microsoft provided what we believed to be a useful tool to automate this process.  If only they had given our patch management team ALL the information required to be successful.
 
In an effort to get the updates out of the way, our patch management engineers applied the necessary Exchange and Outlook patches last weekend.  This was step one.  Without applying these patches, new calendar entries would not have properly reflected the change to DST on the start date of March 11.  All went well until the calendar fix program was executed.  The fix program was supposed to move all calendar entries during the weeks between March 11 and April 2—the day the system expects the change to occur—forward one hour.  Looking at the instructions for this process, our engineers found no mention of a very important required configuration change—the calendar must be configured to allow conflicting calendar entries for conference room resources.  This important piece of information was also omitted during two telephone conversations with Microsoft Support.  We like to be safe.  We also disallow conflicting conference room reservations; otherwise, meetings can get a little crowded.
 
Because the fix application was run without making this change, no appointments for which conference rooms were reserved were adjusted.  This affects only appointments falling within the three weeks impacted by the time change—sort of.  Recurring meetings falling into the fall change back to standard time on October 29 through the old date of November 4 are also off by an hour; and there’s no way to fix it except for all users (about 15,000 in our case) to manually fix the problem.  You see, once you run the “fix” program all calendar entries are marked as fixed.  There's no way to re-run the fix after making the necessary adjustments.
 
Microsoft was little help.  They apologized and committed to either fix the problem or document the fix issue for organizations not yet updated. 

 

About Tom Olzak

Tom is a security researcher for the InfoSec Institute and an IT professional with over 30 years of experience. He has written three books, Just Enough Security, Microsoft Virtualization, and Enterprise Security: A Practitioner's Guide (to be publish...
