Microsoft Exchange and Active Directory Blog
A long time ago I had created a small script (Exchange Monitor) which allows a very rudimentary monitoring of Exchange servers. However, the script no longer works with the current Exchange Server versions. I had actually planned to revise the script or I had already experimented with a revised version. Unfortunately, the first ... Read more
Microsoft has released new CUs for Exchange Server 2019 and Exchange Server 2016 today. The CU 5 for Exchange 2019 fixes problems with the search in Outlook when Outlook is operated without cache mode, so the update has probably already been eagerly awaited by some. The CU5 for Exchange 2019 is available as usual ... Read more
Microsoft released a new security update for Exchange Server 2016 and 2019 yesterday. The update closes a vulnerability classified as "Important". Description of the vulnerability: A cross-site scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server. An authenticated attacker could exploit the vulnerability by ... Read more
In the third part of the article series "Simple measures for more security in AD", I dealt with LAPS for servers and clients. Admittedly: The LAPS article was written some time ago, but the topic has not been forgotten. That's why there is now a new article on "Simple measures for more security in AD". In this fourth part ... Read more
On February 13, 2020, Microsoft released updates for all Exchange Server versions for the vulnerability CVE-2020-0688. If you have not already done so, you should install the update as soon as possible, as it is now known how the vulnerability can be exploited. Although an attacker must first authenticate themselves on the Exchange Server, it is then possible to take control of the ... Read more
Various users keep reporting problems with the search function of Outlook and OWA in connection with Exchange Server 2019. I have also had problems with the search function and the Exchange 2019 index, which I have already described here: A reader also has problems with the search after the migration to Exchange 2019 and in addition ... Read more
Microsoft has released a new security update for Exchange Server 2010 - 2019. The update fixes the following vulnerabilities: CVE-2020-0692 | Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2020-0688 | Microsoft Exchange Memory Corruption Vulnerability The update is given the severity level "Important", click here to go directly to the downloads: Download Security Update For Exchange Server 2019 ... Read more
Spam filters are sometimes easy to bypass, and I have already shown one possible way of doing this. It is usually difficult for users to recognize whether it is a valid and harmless email or whether all hell will break loose in the form of Emotet malware with the next click. In many environments, a few clicks by a user are actually enough to ... Read more
Emails are known to be the main gateway for malware, viruses and all sorts of other nasty things. Unfortunately, the Exchange Server does not come with a proper spam filter, so other products have to be used for effective defense against spam and malware. Unfortunately, even the best spam filter lets a malicious mail through from time to time and of course it happens ... Read more
I have already reported several times about the possibility of obtaining free S/MIME certificates for signing and encrypting emails. There are now only a few providers that still offer free certificates. Some of the providers mentioned in the previous articles either do not issue certificates at all or only issue certificates with a 90-day validity period. All 90 ... Read more
