It's not really an exchange problem, it's a bug in the 22D update. It doesn't fully understand what the exchange policy is set to. Meaning if the exchange policy is disabled, (or requires a password/pin of 4 digits or less) 22D still forces you to enter 4 digits. The 22D update requires a 4 digit pin/password no matter what. The only time it will make a difference is when the policy is set to more than 4 digits. There are policy settings to force a pin or a password. That will change the phone display to either a number pad or a full keyboard display, but still requires at least 4 digits/characters no matter what...exchange policy enabled or disabled.
I've done extensive testing on our corporate exchange servers (we have over 60,000 users on exchange, so it's not just a home server I hack around on). I have tested this on 2003 and 2010, they both do the same.
yea for updates