Microsoft Exchange and Active Directory Blog
Many admins are currently reporting a successful attack on their Exchange server. Many are finding evidence of unauthorized access or even an installed web shell. Many are now unsure what to do or how to proceed. Some are now implementing IIS rewrite rules or deactivating the UM services, for example, as described in this article by ... Read more
Many people have already noticed and reported that the newsletter no longer works. It wasn't actually a newsletter, but rather a notification of new posts. Unfortunately, the WordPress plugin I had been using no longer worked reliably and sending the emails also caused problems. Many ... Read more
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. The prompt installation of the security updates for the affected Exchange versions is recommended by Microsoft, as the vulnerabilities are already being exploited: As active exploitation of related vulnerabilities in the wild is known (limited targeted attacks), our recommendation is to install these updates immediately to prevent ... Read more
The Microsoft Ignite digital event starts again tomorrow. As last year, participation is free of charge: https://myignite.microsoft.com/home So if you want to register quickly, you can do so via the link. However, the sessions at the last Ignite were also recorded and posted online on YouTube, for example. So the sessions can also be ... Read more
I found some time to test the preview of Windows Server 2022 and installed the new server operating system from Microsoft in a VM. The preview build 20298.1 was released yesterday. Unfortunately, there is not really much new to see, so there is only a short article here. Participants of the Windows Server Insider ... Read more
The last article on Sophos XG in conjunction with Exchange is a bit outdated, so here is an updated version. At the moment SFOS 18 is current, I tested version 18.0.4 MR-4. My small test environment is set up as follows: Exchange is set to the hostnames outlook.frankyswebweblab.de for ... Read more
Zevenet Loadbalancer is the successor to Zen Loadbalancer, for which I wrote a howto some time ago. Zevenet Loadbalancer is particularly suitable for test environments as it is quick to install and configure and is also free of charge. So here is an updated how-to on Zevenet and Exchange 2019. The Zevenet load balancer ... Read more
Microsoft has released new security updates for Exchange Server 2016 - 2019. This is a fix for the following vulnerability: CVE-2021-24085: Microsoft Exchange Server Spoofing Vulnerability However, the vulnerability is listed as "Low" severity and an attacker must have Exchange Server credentials to exploit the vulnerability: An ... Read more
I recently fell into this trap, because with time-critical VMs, such as domain controllers, which are operated on VMware vSphere, you have to pay attention to a small peculiarity. Since an incorrect time can have far-reaching consequences, here is a short article on the subject. The following problem has occurred. An NTP server ... Read more
Windows servers may display the message "Why did the computer shut down unexpectedly" at every login if the server had previously crashed. Although the message can be confirmed for the current session, it reappears the next time the user logs on: This small problem occurs when a user who is not the "Administrator" logs on, ... Read more
