Microsoft Exchange and Active Directory Blog
Yesterday, Microsoft released a new security update for Exchange Server 2013, 2016 and 2019. The update closes the vulnerability CVE-2020-16969. The vulnerability can be exploited with a specially crafted email, so the update should be installed promptly. The update is classified as "Important". Microsoft describes the vulnerability as follows: An information disclosure vulnerability exists in ... Read more
After a long time there is something to win again. MITP Verlag kindly sent me 4 books, which can now be won as two sets in a small raffle. First of all, many thanks to MITP for providing the books! To take part in this little raffle, all you have to do is ... Read more
I have just uploaded an updated version of the Exchange Certificates Whitepaper. The updated version is available under the same download link: The topic "Multiple Exchange Servers and Certificates" is now a bit more detailed, a short part on certificate revocation lists has been added. Furthermore, a few spelling mistakes have been corrected. Many thanks to Marcel for the hints. If ... Read more
A long time ago I updated the Exchange Certificate Assistant for the last time. The script uses POSH-ACME as a client to automatically request Let's Encrypt certificates, but there are problems with the script from time to time. However, since there is now a much better version that also supports Exchange Server (and other services), I will ... Read more
Today at the Ignite online conference, Microsoft announced the next version of Exchange, SharePoint, Project Server and Skype4Business for the second half of 2021. So the cat is out of the bag, there will be another Exchange Server version for on-prem use next year. A new Office version is also planned for next year. Read more
Originally I had given up the plan to write another white paper on the subject of "Exchange and certificates". However, there still seem to be very frequent problems with the configuration of certificates in connection with Exchange servers. There are already a few articles and scripts here, so now a comprehensive whitepaper on the subject will follow ... Read more
The annual Microsoft Ignite conference will take place online this year. Participation is even free of charge this year, interested parties can register for free at the following link and take part in the online conference between 22.09 and 24.09.2020: https://myignite.microsoft.com/home In addition to many other interesting presentations, there will also be a few sessions on Exchange Server. ... Read more
Microsoft has released new Cumulative Updates (CU) for Exchange 2016 and Exchange 2019 today: Exchange Server 2019 Cumulative Update 7 (KB4571787), VLSC Download Exchange Server 2016 Cumulative Update 18 (KB4571788), Download, The Exchange 2019 CU 7 is also already available for download via MyVisualStudio. Here is a list of the fixed issues: 4570248 "Get-CASMailbox" uses a ... Read more
Microsoft has released a security update for Exchange Server 2019 and Exchange 2016 to close a vulnerability classified as "critical". Specifically, it concerns the vulnerability CVE-2020-16875: A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code ... Read more
Once an Exchange 2019 server has been configured, an SSL certificate needs to be installed. To configure the certificate correctly, the hostnames that are relevant for the certificate must be determined. The following script reads the hostnames from the configured URLs of the virtual directories and displays the corresponding hostnames in the Exchange Management Shell ... Read more
