Posted by: kurtsh | February 11, 2013

NEWS: Got Exchange? Don’t upgrade to iOS 6.1

UPDATE 2/15/13 8:00AM
eWeek writes about the nature of the OS bug that Apple distributed to all iDevice users upgrading to iOS 6.1.

And in case you hadn’t heard, in addition to the other reported iOS 6.1 bugs (the cellular networking bug, the Exchange ‘ping’ bug) a pretty surprising information security bug has emerged:  “With the right sequence of button clicking, it’s possible to get to an iPhone user’s voicemails, contacts, and photos—even if the iPhone is locked and password protected.”

——————-

UPDATE 2/13/13 1:59PM:
As of 8:25AM this morning when I checked, Apple produced their own KB article for the ongoing issue of ‘Rapid growth in transaction logs, CPU and memory consumption on Exchange 2010 when a user syncs mailbox when you use an iOS 6.1 device':

The article points that a fix would be made available in their upcoming software update and listed steps to avoid the bug.

——————-

UPDATE 2/12/13 11:37AM:
We have a formal support document that describes our current statement around our understanding of the matter:

  • MICROSOFT SUPPORT: Rapid growth in transaction logs, CPU use, and memory consumption in Exchange Server 2010 when a user syncs a mailbox by using an iOS 6.1-based device
    http://support.microsoft.com/kb/2814847

——————-

UPDATE 2/11/13 3:27PM:
Apple has reportedly released a 6.1.1 update to iOS.  I don’t know if this fixes the issue for certain however based on the articles I’ve read, the matter may be addressed.  As soon as I hear anything, I’ll edit this post:

UPDATE:  Nope.  They still haven’t fixed the problem as of 2/12/13.

——————-

UPDATE 2/11/13 1:38PM:
So I got a more proper explanation which supersedes that which I’d provided originally:

EAS/iOS 6.1 Repeated Meeting Response Creates Transaction Log Growth Issue:  After the recent release of iOS 6.1 Update, our customers are reporting an issue around how iOS is communicating with Exchange server when the user responds to a meeting invite or update using iOS device. The behavior is such that iOS gets an error back from Exchange when trying to issue the meeting response command and simply retries the command over and over again. Depending on whether the user is an Exchange On-Premises or Exchange Online (Office 365) customer, this will have a slightly different impact.

  • Exchange Online customers: The iOS device will get blocked by Exchange Online for issuing too many commands in a short period of time (EAS Throttling). The end user will get an error message on the device stating that the service is unavailable.
  • Exchange On-Premises customers: The iOS device will continuously retry the meeting response operation – there is no automatic blocking of this behavior. This results in server side resource consumption issues (like transaction log growth, server/CPU load increase, etc.) which can potentially impact other users in the environment. The effects of this behavior seem to be magnified for customers who have configured Exchange compliance features (litigation hold, single item recovery, etc.).

Status: We are working with Apple’s support and engineering teams on this issue.

If we have any end users affected by this issue, they should report the issue to Apple Support and engage with Microsoft Support for any help needed on server side.

At this time, here are some recommended action items for customers to mitigate or prevent this issue:

  1. Consider delaying the rollout of iOS 6.1 or blocking 6.1 devices in your organization.
  2. If iOS 6.1 is already deployed, consider advising users to not respond to meeting invites or updates using iOS 6.1 devices.
  3. Exchange administrators should monitor transaction log growth if they know they have iOS 6.1 devices connecting to their Exchange infrastructure.
  4. If iOS 6.1 devices are found to be repeatedly issuing meeting response commands to Exchange, Administrator can delete the user’s device partnership in EMC or advice user to delete & recreate the EAS mail account profile on the device.

————————

This is causing havok all over the place for folks with Exchange infrastructures.  Issues that have arisen as a result of this issue include draining the device battery, halting email connectivity, and chewing up your data usage. (And this is just the list of issues that I’ve read from the articles below)  If you want to avoid this, don’t upgrade your iDevice to Apple iOS 6.1:  Wait until it’s patched.

To be clear, this is an issue that has arisen only as of the release of Apple iOS 6.1.  iOS devices connected to Exchange Activesync backends, when responding to meeting invite changes or updates, are making repeated commands and are effectively floodpinging the mail infrastructure.  This overwhelms the servers like a Denial of Service attack & after a certain threshold (EAS Throttling), the Exchange Activesync infrastructure refuses requests from that device for a certain period of time.  This effectively disconnects that device from email.  Raising the threshold before the device is ignored on the Exchange infrastructure does nothing because ultimately, the device will reach that threshold anyway.  More importantly, the surge in traffic results in potentially no one being able to get email.

This issue does not exist for Android/Windows Phone users.  There’s more to the issue than just this but again, this is not an issue for Android or Windows Phone users.  The result to the end users are:

  • The device is constantly draining its battery
  • Email connectivity is constantly disrupted; emails that are in the ‘Outbox’ sometimes don’t get sent even after email connectivity has been restored
  • Network utilization increases which is an issue if the device has a data cap

Vodafone has recommended that people hold off on the upgrade entirely and there are plenty of articles reporting the issue:


Categories

Follow

Get every new post delivered to your Inbox.

Join 174 other followers

%d bloggers like this: