Microsoft Exchange and Active Directory Blog
Here in the forum and on the Exchange Team Blog there are indications that the installation of the November update for Exchange Server 2016 / 2019 may cause problems. It seems that once again there are problems with servers with German or non-English operating systems when the January update for the Windows Server is installed. ... Read more
The security updates that caused problems with transport rules were released again today. The new updates have the suffix "v2" and are intended to fix the problems. Microsoft writes the following: If the original version of the update is already installed, the V2 update must now be installed to resolve the issues. Even if the original update ... Read more
The security updates for Exchange Server 2016 and 2019, which were released on 12.11.2024, cause problems with the transport rules. In the Exchange Team Blog and in various forums, users are reporting that the transport rules of the Exchange Server no longer work or only work shortly after restarting the Exchange Transport Services. When transport rules are used ... Read more
Microsoft has released new security updates for Exchange Server 2016 and 2019. Click here to download directly: The security update also includes new features: Improvements to the integration of AMSI in Exchange Server As of the release of the November 2024 security update, the ability of products that use Exchange Server AMSI integration has been enhanced to perform additional tasks ... Read more
The CERT-Bund warns on X of more than 15,000 Exchange servers in Germany that are openly accessible from the Internet with at least one vulnerability. Some of the vulnerabilities are already being actively exploited. In March 2024, the BSI had already warned of 17,000 Exchange servers that are openly accessible from the Internet and contain known vulnerabilities. The ... Read more
When configuring mailbox permissions for a group, the following error may occur: The user "testgruppe" was found in Active Directory but isn't valid to use for permissions. Try an SMTP addressinstead. Permissions for groups can only be assigned if it is a security group. For a security group, the values for ... Read more
Microsoft has released new security updates for Exchange Server 2016 and Exchange Server 2019 today. The security update closes the remote execution vulnerability CVE-2024-26198 with the severity level "Important". The vulnerability is not currently being actively exploited, but Microsoft recommends that the update is installed quickly. Click here to download the security update: After installing the March ... Read more
The critical vulnerability CVE-2024-21410 in Exchange Server, which was made public on February 13, 2024, is now being actively exploited. The vulnerability CVE-2024-21410 allows attackers to perform an NTLM relay attack (pass the hash). In this case, attackers can trick a client such as Outlook into logging on to a malicious relay in order to obtain the NTLM credentials. The ... Read more
Microsoft today released new security updates for Exchange Server 2016 and Exchange Server 2019. The update closes the remote execution vulnerability CVE-2023-36778 and provides a better solution for the vulnerability CVE-2023-21709 from August. There were problems with the August security update and the update was temporarily recalled. The update from October for CVE-2023-36434 ... Read more
Microsoft has recently officially supported HSTS (HTTP Strict Transport Security). However, HSTS is not activated by default and must therefore be activated by the user. But first a few words about HSTS and how it works. What is HSTS and how does it work? HTTP Strict Transport Security (HSTS) is a guideline ... Read more
