With the free Microsoft Tool EMET Windows installations can be protected against many attacks. It can also be installed on Exchange servers. I have not encountered any problems in my tests so far, but extensive testing is essential. Here is a little howto.
EMET can be downloaded here:
https://www.microsoft.com/en-us/download/details.aspx?id=46366
The installation essentially consists of clicking "Next
In between, a wizard asks for the settings. I have selected "Use Recommended Settings" here
Once EMET is installed, it must be configured for the Exchange services. To do this, start the EMET GUI and select the Exchange processes in the lower part of the GUI.
The respective Exchange service can be added to the EMET configuration by right-clicking and selecting the "Configure Process" option:
The settings in the window that opens can be accepted
After the processes have been configured, either the services or the entire server must be restarted. After the reboot, the Exchange services are marked with a green tick:
I then also activated Data Execution Prevention (DEP) and Structured Execption Handler Overwrite Protection (SEHCP).
So far I have not noticed any problems, ECP, OWA and Outlook are running normally. I will continue to monitor this and update the article if necessary
