Microsoft Exchange and Active Directory Blog
Microsoft has released new security updates for all Exchange Server versions (2013 - 2019). This time it concerns the vulnerabilities that were successfully used in Pwn2Own 2021 to attack Exchange Server. The following vulnerabilities are fixed: CVE-2021-31209 CVE-2021-31207 CVE-2021-31198 CVE-2021-31195 Here is a description from the Pwn2Own website, presumably exactly this vulnerability is now fixed: The ... Read more
I have just released the new version of the Exchange Reporter. Besides a small bugfix regarding the incorrectly displayed failover time of the databases within a DAG, three new modules are now available. Two of the new modules were contributed by Leslie. Leslie has already found and reported many bugs in the previous versions, so he deserves ... Read more
From time to time it happens that you have to remove an email from your mailbox, for example because it should not have been sent in this way. Experience shows that this often happens with internal newsletters. The question often arises as to whether the mail has already been read, and if so, by how many recipients. With Exchange servers ... Read more
When routing emails in Exchange Hybrid mode, the following error may occur between Exchange on-prem and Microsoft 365 mailboxes when sending mails from a local mailbox (or an external sender) to an M365 mailbox: Remote Server returned '554 5.4.108 SMTPSEND.DNS.MxLoopback; DNS records for the next hop domain are configured in a loop -> ... Read more
Microsoft has released new security updates for all Exchange Server versions (2013 - 2019). These are likely to fix the vulnerabilities that were used in the Pwn2Own 2021 to attack Exchange Server. The following vulnerabilities are fixed: CVE-2021-28483 CVE-2021-28482 CVE-2021-28481 CVE-2021-28480 Here is a description from the Pwn2Own website, probably exactly this ... Read more
In the case of successfully attacked Exchange servers with the HAFNIUM exploit, the directory permissions may be changed, resulting in affected Exchange servers reporting an error message when installing updates. Here is an example of a directory where the permissions have been changed: As can be seen in the screenshot, the permissions for the principal ... Read more
The exploit for the Exchange vulnerabilities is now publicly available and, as was to be expected, is spreading even further. Initially, the exploit was blocked on GitHub, which naturally resulted in the exploit being published on various sites. In the meantime, the exploit is also available again on GitHub, only on other ... Read more
Due to the severity of the HAFNIUM exploit, Microsoft has released further updates for older Exchange Server versions. However, the updates cannot be obtained via Windows Update, but must be downloaded and installed manually. Further information on the updates can be found here: March 2021 Exchange Server Security Updates for older Cumulative Updates of Exchange Server Some ... Read more
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. The prompt installation of the security updates for the affected Exchange versions is recommended by Microsoft, as the vulnerabilities are already being exploited: As active exploitation of related vulnerabilities in the wild is known (limited targeted attacks), our recommendation is to install these updates immediately to prevent ... Read more
Exchange transport rules can be used to perform certain actions when receiving or sending emails. For example, mails can be redirected, rejected or provided with a disclaimer using a transport rule. There are many ways to implement certain actions for mails using transport rules, but with many transport rules it can quickly become a little confusing and it is not always clear which ... Read more
