EWS web application pool stops after the February 2023 Security Update is installed
Exchange Version: Exchange Server 2019, Exchange Server 2016
After you install the Exchange Server February 2023 Security Update on Microsoft Exchange Server 2019 or 2016, the Exchange Web Services (EWS) web application pool stops responding under certain circumstances. When this occurs, clients that use the EWS protocol experience connectivity issues.
Additionally, the following Event ID 4999 is logged in the Application log:
E12IIS, c-RTL-AMD64, 15.01.2507.021, w3wp#MSExchangeServicesAppPool, M.Exchange.Diagnostics, M.E.D.ChainedSerializationBinder.EnforceBlockReason, M.E.Diagnostics.BlockedDeserializeTypeException, 437c-dumptidset, 15.01.2507.021.
Microsoft is researching this issue and will post more information in this article when the information becomes available.
If you are experiencing this issue, we recommend that you keep the February 2023 Security Update installed and apply the following workaround:
- Create the following registry value on all Exchange Server-based servers that are running the February 2023 Security Update:
To create the registry value by using PowerShell, run the following command:
New-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\ExchangeServer\v15\Diagnostics -Name "DisableBaseTypeCheckForDeserialization" -Value 1 -Type String
- Create a global setting override. To do this, run the following command:
New-SettingOverride -Name "Adding learning location ClientExtensionCollectionFormatter" -Component Data -Section DeserializationBinderSettings -Parameters @("LearningLocations=ClientExtensionCollectionFormatter") -Reason "Deserialization failed"
Note: This command must be run only one time.
- Refresh the VariantConfiguration argument. To do this, run the following command:
Get-ExchangeDiagnosticInfo -Process Microsoft.Exchange.Directory.TopologyService -Component VariantConfiguration -Argument Refresh
Note: This command is optional. This setting should become effective automatically within one hour.
- To apply the new settings, restart the World Wide Web Publishing service and the Windows Process Activation Service (WAS). To do this, run the following command:
Restart-Service -Name W3SVC, WAS -Force
Note: This command is optional. The services should restart automatically within one hour.
Note: After the workaround is applied, instances of Event ID 4999 might still be logged. However, the functionality will be restored, and the EWS application pool should no longer stop.
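The following is an added example, not part of Microsoft's article: a read-only check that reports whether the workaround steps above are in place on a server, so that the relaxed deserialization setting is recorded rather than forgotten. It assumes an elevated Exchange Management Shell on the Exchange server itself; the function name Test-EwsDeserializationWorkaround and the 24-hour event window are choices made for this example.

```powershell
# Added example (not Microsoft's script). Read-only: changes nothing on the server.
function Test-EwsDeserializationWorkaround {   # hypothetical helper name
    $regPath  = 'HKLM:\SOFTWARE\Microsoft\ExchangeServer\v15\Diagnostics'
    $regName  = 'DisableBaseTypeCheckForDeserialization'
    $soName   = 'Adding learning location ClientExtensionCollectionFormatter'
    $soParam  = 'LearningLocations=ClientExtensionCollectionFormatter'
    $poolName = 'MSExchangeServicesAppPool'

    # Step 1: per-server registry value (the article creates it as a String set to 1).
    $reg      = Get-ItemProperty -Path $regPath -Name $regName -ErrorAction SilentlyContinue
    $regValue = if ($reg) { $reg.$regName } else { $null }

    # Step 2: organization-wide setting override. The article says to run
    # New-SettingOverride only once, so more than one match is worth flagging.
    $overrides = @(Get-SettingOverride | Where-Object { $_.Name -eq $soName })
    $paramOk   = @($overrides | Where-Object { ($_.Parameters -join ';') -match [regex]::Escape($soParam) }).Count -gt 0

    # Current state of the EWS application pool.
    Import-Module WebAdministration
    $poolState = (Get-WebAppPoolState -Name $poolName).Value

    # Event ID 4999 entries for the EWS pool in the last 24 hours (window is an assumption).
    # The article notes these may still be logged after the workaround is applied.
    $filter = @{ LogName = 'Application'; Id = 4999; StartTime = (Get-Date).AddHours(-24) }
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'BlockedDeserializeTypeException' -and
                       $_.Message -match $poolName })

    [pscustomobject]@{
        Server               = $env:COMPUTERNAME
        RegistryValuePresent = $null -ne $regValue
        RegistryValue        = $regValue
        RegistryValueIsOne   = "$regValue" -eq '1'
        OverrideCount        = $overrides.Count
        OverrideDuplicated   = $overrides.Count -gt 1
        OverrideParameterOk  = $paramOk
        EwsAppPoolState      = $poolState
        Event4999Last24h     = $events.Count
    }
}

Test-EwsDeserializationWorkaround | Format-List
```

The registry value is per server while the setting override is organization-wide, so run the check on each Exchange server that has the February 2023 Security Update installed.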