Store.exe crashes on an Exchange Server 2010 mailbox server if a VSAPI based antivirus software is used

Symptoms
When you use a virus scanning API (VSAPI) based antivirus software in a Microsoft Exchange Server 2010 environment, the Store.exe process crashes on the Exchange Server 2010 mailbox server. Additionally, the following event is logged in the Application log: 
Log Name:      Application
Source:        Application Error
Date:          Date
Event ID:      1000
Task Category: (100)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      Computer
Description:
Faulting application store.exe, version Version, time stamp TimeStamp, faulting module mdbrest.dll, version Version, time stamp TimeStamp, exception code 0xc0000005, fault offset Offset, process id ProcessID, application start time Time.
Cause
This issue occurs because the Exchange server incorrectly inserts an additional semicolon (;) character to certain properties that are used by the VSAPI 2.6 protocol. When the antivirus software uses these certain VSAPI properties, the additional semicolon causes an unhandled exception. Therefore, the Store.exe process crashes.
Resolution
To resolve this issue, install the following update rollup:
2785908 Description of Update Rollup 5 version 2 for Exchange Server 2010 Service Pack 2

Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
More information
For more information about VSAPI scanners, go to the following Microsoft website:
Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use for other considerations.
Properties

Article ID: 2716145 - Last Review: 12/14/2012 08:52:00 - Revision: 4.0

Microsoft Exchange Server 2010 Service Pack 2

  • kbqfe kbfix kbsurveynew kbexpertiseinter KB2716145
Feedback