Microsoft has released new security updates for Exchange Server 2016 and 2019. Click here to download directly:
The security update also brings new features:
Improvements in the integration of AMSI in the Exchange Server
As of the release of the November 2024 security update, the ability of products using Exchange Server AMSI integration to perform additional tasks on message content has been enhanced. This feature is disabled by default and can be enabled per protocol. It is recommended to enable this feature for a subset of services first, as it is possible that this may lead to performance issues.
Detection of non-compliant RFC 5322 P2 FROM headers
In order to fix the vulnerability CVE-2024-49040, a new function has been implemented to detect non-compliant P2 FROM headers in incoming email traffic. The P2 FROM header in an email is a part of the message header that is displayed in the recipient's email client (e.g. Outlook). It is the email address or the name of the sender (if the sender is internal) that appears in the "From" field when an email is viewed in the inbox.
Improvements to ECC certificate support
The November 2024 security updates improve support for ECC certificates. ECC certificates can now be used on Edge Transport servers and connected to POP and IMAP services. It should be noted that the way in which ECC certificate support can be activated has changed. In the previous implementation, a New-SettingOverride was required to activate the function. From November 2024 SU, a registry entry must be created instead of the override.
Note 14.11.2024: The updates were due to problems withdrawn by Microsoft on 14.11.2024.
Update 27.11.2024: The updates have been republished with the addition v2.