Microsoft Exchange and Active Directory Blog
I am currently receiving a lot of inquiries about Exchange Server and sending emails via IONOS. As of January 15, 2024, IONOS will discontinue the smarthost function for IONOS mailboxes, which in turn means that Exchange servers can no longer use IONOS as a smarthost. Further information from IONOS can be found here: Apparently, there are quite a lot of people who are affected by this ... Read more
Microsoft has announced that Exchange 2019 CU14 will not be released this year. The CU14 has been postponed to January 2024. Just last year, the publication of Exchange CUs was changed so that only 2 CUs were to be published per year. The plan was to publish one CU in March and another in September. How ... Read more
Microsoft has released new security updates for Exchange Server 2016 and 2019. The updates fix the following vulnerabilities, which are all marked as "Important": Click here to download the updates directly: With the November security updates, the "Certificate signing of PowerShell serialization payload" feature is enabled by default. Before installing the November update ... Read more
Microsoft today released new security updates for Exchange Server 2016 and Exchange Server 2019. The update closes the remote execution vulnerability CVE-2023-36778 and provides a better solution for the vulnerability CVE-2023-21709 from August. There were problems with the August security update and the update was temporarily recalled. The update from October for CVE-2023-36434 ... Read more
Microsoft has recently officially supported HSTS (HTTP Strict Transport Security). However, HSTS is not activated by default and must therefore be activated by the user. But first a few words about HSTS and how it works. What is HSTS and how does it work? HTTP Strict Transport Security (HSTS) is a guideline ... Read more
Microsoft has announced that the next Exchange CU will enable Extended Protection (EP) for Exchange Server 2019 by default. Extended Protection was introduced for Exchange 2016 and Exchange 2019 in August 2022 and previously had to be activated manually. However, anyone who has not yet activated Extended Protection may need to start with the installation of the ... Read more
The new pre-release version of the next Windows Server version was recently published. I installed the current build 25931 in a VM and got a first impression. If you also want to test the new Windows Server version, you can find the download link here: In order to download Windows Server vNext, you have to register as a Windows ... Read more
After the first version of the security update was withdrawn by Microsoft, a bug-fixed version has now been released. According to initial reports, this update can now be installed on non-English Exchange servers without any problems. Click here to download the update: Microsoft has also published a list of instructions on the Exchange Team Blog: On non-English ... Read more
Microsoft has released new security updates for Exchange Server 2016 and 2019. The update fixes 6 vulnerabilities that are marked as important. In addition, further adjustments are necessary after installing the updates. There are currently no indications that the vulnerabilities are being exploited. Click here to download the updates: The following vulnerabilities are fixed: ... Read more
On July 14, 2023, Microsoft reported a security incident that affected Exchange Online and Outlook.com customers. According to Microsoft, the Chinese hacker group Storm-0558 managed to get their hands on a private SIgnature key for generating access tokens for Exchange Online and Outlook.com. With the private key, the hackers were able to generate access tokens for ... Read more
