Additional fixes included in Security Update for Service Bus 1.1 for Windows Server (KB2979588)

Introduction

This article describes Security Update for Service Bus 1.1 for Windows Server. This security update addresses security bulletin MS14-042 for Service Bus 1.1 and some additional bug fixes. 

For more information about security bulletin MS14-042 for Service Bus 1.1 for Windows Server, go to the following TechNet site: For more information about the additional issues that the hotfix resolves, see the "More information" section.

We recommend that you test this update before you deploy it in a production environment.

Note The build number for this cumulative update package 2.0.30904.0.

More information

A supported cumulative update package is now available from Microsoft. This cumulative update is available for download in the "Download information" section of this article.

Issues that this cumulative update resolves

  • Microsoft Security Bulletin MS14-042 for Service Bus 1.1 for Windows Server
  • The MaxMessageSizeInBytes setting in the ServiceBus environment is not honored for AMQP sends, as in the following scenario:
    • When a Service Bus client uses the AMQP protocol, users may receive a “javax.jms.JMSException” exception message.
    • This exception occurs when Service Bus tries to send messages that are larger than 256 KB, regardless of the configuration value for MaxMessageSizeInBytes.
    • The value of MaxMessageSizeInBytes can be modified in the NetMessagingProtocolHead binding in the Microsoft.ServiceBus.Gateway.exe.config file.
  • The Set-SBNamespace PowerShell command sometimes returns an ArgumentOutofRangeException error, as in the following scenario:
    • When customers run the Set-SBNamespace PowerShell command together with the –ManageUsers option, they experience the following exception:

      System.ArgumentOutOfRangeException: The argument PrimaryKey cannot exceed 256 characters
      Parameter name: PrimaryKey
      at Microsoft.ServiceBus.Messaging.SharedAccessAuthorizationRule.set_PrimaryKey(String value)
      at Microsoft.ServiceBus.Commands.AuthorizationRuleHelper.Encrypt(AuthorizationRules rules, String encryptionToken)
    • This issue occurs when the customer runs the Set-SBNamespace command and the –ManageUsers option multiple times.
  • Service Bus configuration fails, as in the following scenario:
    • A customer uses a custom certificate, and the Subject contains additional fields beyond the Common Name (CN) field.
    • The Service Bus Configuration Wizard finishes and then displays a green check mark. However, Service Bus has not been configured correctly and does not work as expected.
    To determine whether Service Bus is affected by this issue, run the SB-GetMessageContainer PowerShell command. This will indicate the state of the message container or containers. The “Not Loaded” and “Creating” states are affected by this issue when “Active” is the expected state.
  • The Workflow Manager configuration may fail when it uses the same custom certificate as the Service Bus server, as in the following scenario:
    • A customer tries to configure a Workflow Manager farm by using the Network Load Balancer workaround (described at https://support.microsoft.com/kb/2949779).
    • Workflow Manager is using the same custom certificate that the Service Bus server is using.
  • Service Bus Configuration Wizard sometimes fails when it's using databases that have SQL Mirroring enabled, as in the following scenario:
    • A customer who uses Service Bus Configuration Wizard or who runs the New-SBFarm PowerShell command and receives the following error message:

      Configuration operation failed. Please drop databases and use "Create a New Farm" again.
    • In the “Details” section, the user sees the following:
      • The operation cannot be performed on database 'SBDatabase' because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.
      • ALTER DATABASE statement failed
    • This issue may occur when SQL mirroring is enabled.

      Note When you use pre-created databases with SQL mirroring, you must set the following attributes on the databases. If these attributes are not set, the New-SBFarm PowerShell command will fail even after this update has been applied. 
      • On the Service Bus Gateway database, add the following attributes:

        snapshot_isolation_state = 1
        is_read_committed_snapshot_on = 1
      • On each of the Service Bus Message Container databases, add the following attributes:

        snapshot_isolation_state = 1
        is_read_committed_snapshot_on = 1
        is_trustworthy_on = 1

Cumulative update package information

Download information

The following file is available for download from the Microsoft Download Center:

https://www.microsoft.com/downloads/details.aspx?familyid=927a4c84-85ac-47ab-ad80-1156b7a68a27

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Prerequisites

  • Supported operating systems: Windows Server 2008 R2 SP1, Windows Server 2012, and Windows Server 2012 R2
  • Software requirements: You must have Service Bus 1.1 installed on the computer where you are installing the update.
  • Credential requirements: Before you run the executable, you must have administrative credentials on the computer where you are installing the software. For more information, see Service Bus 1.1 documentation.

Deployment

Each computer in a computer farm must have this update installed.

Restart requirement

You may have to restart the computer after you apply this cumulative update.

How to uninstall this cumulative update package

To uninstall this cumulative update package, follow these steps:
  1. In Control Panel, open the Programs and Features item.
  2. In the list of installed updates, locate Security Update for Service Bus 1.1 (KB2972621)LDR.
  3. Right-click Security Update for Service Bus 1.1 (KB2972621)LDR, and then click Uninstall.

You can also uninstall this cumulative update package by using the command line. At a command prompt, run the following command:

C:\ProgramData\Microsoft\E-Business Servers Updates\Updates\Uninstall2972621\setup.exe /u 0 /branch LDR

File information

The English (United States) version of this cumulative update package uses a Microsoft Windows Installer package to install the cumulative update package. The dates and the times for these files are listed in Coordinated Universal Time (UTC) in the following table. When you view the file information, the date is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
File nameFile versionFile sizeDateTimePlatform
Microsoft.ServiceBus.dll2.1.40512.22,906 KB06/12/201410:20 AMx64
Microsoft.Cloud.ServiceBus.Client.dll2.1.40512.22,904 KB06/12/201410:20 AMx64
Microsoft.ServiceBus.Commands.dll2.0.40512.2405 KB06/12/201410:20 AMx64
Microsoft.Cloud.ServiceBus.Messaging.dll2.0.40512.2644 KB06/12/201410:20 AMx64
CreateMessagingHostClusterSchema.sql17 KB06/12/201410:20 AM
CreateSqlMessagingStoreSchema.sql45 KB06/12/201410:20 AM









Properties

Article ID: 2979588 - Last Review: 14 Feb 2017 - Revision: 1

Windows RT 8.1, Windows 8.1, Windows 8.1 Enterprise, Windows 8.1 Pro, Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Essentials, Windows Server 2012 R2 Foundation, Windows Server 2012 R2 Standard, Windows RT

Feedback