
ECP breakage

Mote Jeffery 80 Reputation points
2026-03-13T00:49:14.89+00:00

I just finished applying the February 2026 Security Update (KB5074992) to our remaining Exchange 2016 CU23 nodes. We are still on the ESU program until the April cutoff, but now OWA and ECP are throwing 500 errors.

It seems like the update failed to stop the services correctly because of a UAC hang, and now the Health Checker says the server is still vulnerable even though the KB is listed in the installed updates.

Exchange | Exchange Server | Management

Answer accepted by question author

Steven-N 25,305 Reputation points Microsoft External Staff Moderator
2026-03-13T01:47:58.71+00:00

Hi Mote Jeffery

As stated in "OWA or ECP stops working after you install a security update", this behavior typically indicates that User Account Control (UAC) is enabled but the update was not executed from an elevated context. In this scenario, Exchange services may not stop correctly during installation, leaving the update in a partially applied state. As a result, Outlook on the web (OWA) and Exchange Control Panel (ECP) can return HTTP 500 errors.

Given this, you can read the solution documented at this LINK, which is to reinstall the same security update using an elevated command prompt, even if the KB is already listed as installed. This ensures all Exchange binaries and configuration changes are correctly applied. After reinstalling the update, restart the server.

If OWA or ECP still return HTTP 500 errors, verify the IIS configuration for the ECP virtual directory, specifically the BinSearchFolder application setting, and correct any unresolved environment variables by replacing them with explicit Exchange installation paths.

I hope my answer helps. For any further concerns, kindly let me know in the comment section.

Regards



1 additional answer

  1. AI answer

    2026-03-13T00:49:29.0233333+00:00

    The behavior matches a known issue where an Exchange security update is installed without elevated permissions on a server with UAC enabled. This leaves OWA/ECP returning HTTP 500 and Health Checker reporting the server as still vulnerable even though the KB shows as installed.

    To fix the broken OWA/ECP and correctly apply the SU, reinstall the February 2026 SU from an elevated command prompt and then run the post-update Exchange scripts:

    1. Reinstall the security update with elevation
      1. Log on to the Exchange server with an account that has local administrator rights.
      2. Select Start, type cmd.
      3. Right‑click Command Prompt and select Run as administrator.
      4. If User Account Control appears, approve it to open an elevated command prompt.
      5. In the elevated command prompt, run the .msp for KB5074992 by typing its full path and pressing Enter.
      6. Wait for the update to complete, then restart the server.
      This step is required even if the KB already appears in Installed Updates; the previous attempt under non‑elevated context can leave binaries and config in an inconsistent state and cause the HTTP 500 / Microsoft.Exchange.Common assembly errors.
    2. If ECP/OWA are still failing after reinstall
      If after the elevated reinstall and reboot ECP still shows HTTP 500 or Could not load file or assembly 'Microsoft.Exchange.Common, Version=15.0.0.0...':
      1. Open IIS Manager.
      2. Go to Exchange Back End website → ECP virtual directory.
      3. Open Application Settings and select BinsearchFolder.
      4. Verify the paths point to the actual Exchange install directories. If they show variables like
         %ExchangeInstallDir%bin;%ExchangeInstallDir%bin\CmdletExtensionAgents;%ExchangeInstallDir%ClientAccess\Owa\bin
         replace them with the concrete paths, for example:
         C:\Program Files\Microsoft\Exchange Server\V15\bin;
         C:\Program Files\Microsoft\Exchange Server\V15\bin\CmdletExtensionAgents;
         C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa\bin
         Adjust drive or version only if Exchange is installed elsewhere.
      5. Open an elevated Exchange Management Shell.
      6. Change directory to the Exchange Bin folder, for example: C:\Program Files\Microsoft\Exchange Server\V15\Bin
      7. Run the post‑update scripts:
         .\UpdateCas.ps1
         .\UpdateConfigFiles.ps1
      8. Close the shell, open an elevated Command Prompt, and run: iisreset
      9. Restart the server again and test OWA/ECP.
    3. Re‑run Health Checker
      After the elevated reinstall and scripts, run the Exchange Server Health Checker again to confirm that KB5074992 is correctly applied and that no additional post‑install actions are required.

    These steps address the specific failure mode where OWA/ECP break and Health Checker still reports vulnerability after a security update that was initially installed without proper elevation.
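
An added example (not part of either answer above, and not Microsoft's own tooling) that scripts the two checks both answers describe: confirming the session is elevated before re-running the update, and flagging unresolved `%...%` variables in the ECP BinSearchFolder application setting. The function names, the inline web.config sample and the appSettings layout it assumes are constructed for illustration; the path to the real ECP web.config is left as a placeholder.

```powershell
# Added example: audit the ECP BinSearchFolder setting and the session's elevation.
function Test-IsElevated {
    # True when this PowerShell session holds the local Administrators role.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]::new($id)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-BinSearchFolderFinding {
    # Splits the BinSearchFolder value and reports each entry's state.
    param([Parameter(Mandatory)][xml]$WebConfig)
    # -ieq: the key is matched case-insensitively (BinSearchFolder / BinsearchFolder).
    $node = $WebConfig.configuration.appSettings.add |
        Where-Object { $_.GetAttribute('key') -ieq 'BinSearchFolder' } |
        Select-Object -First 1
    if (-not $node) { throw 'BinSearchFolder application setting not found.' }
    foreach ($entry in ($node.GetAttribute('value') -split ';')) {
        $path = $entry.Trim()
        if (-not $path) { continue }
        $unresolved = $path -match '%[^%]+%'   # e.g. %ExchangeInstallDir%bin
        [pscustomobject]@{
            Path       = $path
            Unresolved = $unresolved
            # Only test the file system for entries that are real paths.
            Exists     = (-not $unresolved) -and (Test-Path -LiteralPath $path)
        }
    }
}

# Constructed sample reproducing the broken state described above.
$sample = [xml]@'
<configuration>
  <appSettings>
    <add key="BinSearchFolder" value="%ExchangeInstallDir%bin;%ExchangeInstallDir%bin\CmdletExtensionAgents;%ExchangeInstallDir%ClientAccess\Owa\bin" />
  </appSettings>
</configuration>
'@

if (-not (Test-IsElevated)) {
    Write-Warning 'Session is not elevated: do not run the .msp from here.'
}
$findings = @(Get-BinSearchFolderFinding -WebConfig $sample)
$findings | Format-Table -AutoSize
$bad = @($findings | Where-Object { $_.Unresolved -or -not $_.Exists })
"{0} of {1} BinSearchFolder entries need correction." -f $bad.Count, $findings.Count

# On a server, load the real file instead of the sample (placeholder path):
# $cfg = [xml](Get-Content -LiteralPath '<path to ECP web.config>' -Raw)
```

Entries reported with Unresolved = True are the ones to replace with explicit Exchange installation paths; entries with Exists = False point to a path that is not present on the server.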

