Microsoft Exchange and Active Directory Blog
After the first version of the security update was withdrawn by Microsoft, a bug-fixed version has now been released. According to initial reports, this update can now be installed on non-English Exchange servers without any problems. Click here to download the update: Microsoft has also published a list of instructions on the Exchange Team Blog: On non-English ... Read more
Microsoft has released new security updates for Exchange Server 2016 and 2019. The update fixes 6 vulnerabilities that are marked as important. In addition, further adjustments are necessary after installing the updates. There are currently no indications that the vulnerabilities are being exploited. Click here to download the updates: The following vulnerabilities are fixed: ... Read more
On an Exchange 2019 server, I noticed inherited permissions that were deliberately not set in this way. I suspect that these are standard permissions that are set when Exchange servers are installed. In this case, an account that was used for installation has quite extensive permissions at mailbox and database level. I noticed ... Read more
A reader, who wishes to remain anonymous, has kindly sent me his scripts and configuration for Let's Encrypt, HAProxy and Exchange 2019 in conjunction with Extended Protection so that I can publish them here. First of all, I would like to thank you very much, because I think this configuration (HAProxy as a reverse proxy for Exchange, certificates via Let's ... Read more
Nobert has informed me that Microsoft has updated the prerequisites for the installation of Exchange Server 2019 and 2016. The Windows feature Message Queuing (MSMQ) is no longer required and can be uninstalled from the Exchange servers. The two Windows features "Message Queuing (MSMQ) Activation" and "Message Queuing" are removed with the automatic installation of the ... Read more
Microsoft has released new security updates for Exchange Server 2016 and 2019. The update fixes two remote code execution vulnerabilities with a severity rating of "Important". Click here to download the updates: The vulnerabilities are not yet being actively exploited. However, the available updates should be installed as soon as possible. Click here for the article on the ... Read more
The following error often occurs after migrating an Exchange server. Outlook cannot download the offline address book with cache mode switched on and displays the following error message: "Error (0x8004010F) while executing the task: Error during operation. An object cannot be found." The error can occur if the address book was migrated to an offline ... Read more
In order to continue to guarantee the security of Exchange Online, Microsoft is gradually starting to block old Exchange Server versions. The new system, which is now being introduced gradually, is called the "Transport-based Enforcement System" and has three functions: Reporting, throttling and blocking. In the first stage, administrators are informed that old Exchange Server versions are present in the company. Read more
Microsoft has updated the recommendations for exclusions for virus scanners on Exchange Server: Specifically, contrary to the original recommendation, these directories and processes should no longer be excluded from the virus scanner: Existing exclusions for virus scanners should therefore be adjusted. The script from Paul Cunningham, which creates a list of all exclusions, is suitable for new Exchange installations: Unfortunately, ... Read more
The "Windows Extended Protection" security feature was introduced with a security update in August 2022 for Exchange Server 2013, 2016 and 2019 and protects against man in the middle (MitM) attacks. In small organizations where there is only a single Exchange Server, without load balancers and web application firewalls, Windows Extended Protection can be activated quite easily. In ... Read more
