Microsoft Exchange and Active Directory Blog
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. The prompt installation of the security updates for the affected Exchange versions is recommended by Microsoft, as the vulnerabilities are already being exploited: As active exploitation of related vulnerabilities in the wild is known (limited targeted attacks), our recommendation is to install these updates immediately to prevent ... Read more
The last article on Sophos XG in conjunction with Exchange is a bit outdated, so here is an updated version. At the moment SFOS 18 is current, I tested version 18.0.4 MR-4. My small test environment is set up as follows: Exchange is set to the hostnames outlook.frankyswebweblab.de for ... Read more
Microsoft has released new security updates for Exchange Server 2016 - 2019. This is a fix for the following vulnerability: CVE-2021-24085: Microsoft Exchange Server Spoofing Vulnerability However, the vulnerability is listed as "Low" severity and an attacker must have Exchange Server credentials to exploit the vulnerability: An ... Read more
Exchange transport rules can be used to perform certain actions when receiving or sending emails. For example, mails can be redirected, rejected or provided with a disclaimer using a transport rule. There are many ways to implement certain actions for mails using transport rules, but with many transport rules it can quickly become a little confusing and it is not always clear which ... Read more
The latest CUs for Exchange Server for 2020 were released by Microsoft today. They fix the problem that no attachments can be downloaded from other mailboxes via OWA and that Outlook only displayed a maximum of 175 results in cached mode. This limit has now been raised to 1000 results. The previous security updates are ... Read more
Microsoft has released security updates for a number of vulnerabilities in Exchange Server today, and there is also an update for Exchange 2010. The following vulnerabilities are closed for Exchange 2016 and Exchange 2019: CVE-2020-17117 | Microsoft Exchange Remote Code Execution Vulnerability CVE-2020-17132 | Microsoft Exchange Remote Code Execution Vulnerability CVE-2020-17141 | Microsoft Exchange Remote Code ... Read more
After renewing the Exchange backend certificate, frequent channel error messages may appear in the event log if the POP3 service of the Exchange server is used. The following two error messages may appear after the certificate has been changed: Source: Schannel Event ID: 36871 Level: Error Fatal error while creating the client credentials for TLS. The internal error status ... Read more
Microsoft today released new security updates for all Exchange Server versions that are still supported. The updates address a total of 3 vulnerabilities: CVE-2020-17083 | Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2020-17084 | Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2020-17085 | Microsoft Exchange Server Denial of Service Vulnerability As two of the vulnerabilities allow remote code execution, it is recommended to ... Read more
Here is another error that can lead to despair, as there are some suggestions for a solution on the net, but they didn't help me. I had to install Exchange 2016 CU 17 for a customer and, as many people know, .NET Framework 4.8 is required for this. However, as the customer still ... Read more
In a somewhat older article, I already mentioned InfluxDB, Grafana and Telegraf. Grafana makes it easy to create attractive dashboards for all kinds of systems. The three tools mentioned are often used for the dashboards, InfluxDB as a database for storing the metrics, Grafana and displaying the dashboards and Telegraf to ... Read more
