Exchange Quarterly Updates, September 2021
On September 28, Microsoft released their quarterly updates for Exchange Server:
- Exchange Server 2019 Cumulative Update 11
- Exchange Server 2016 Cumulative Update 22
ENow Software's Exchange blog built by Microsoft MVPs for IT/Sys Admins.
Posts about:
On September 28, Microsoft released their quarterly updates for Exchange Server:
Social media exploded when an ISV who specializes in security released a blogpost about a vulnerability they found in Autodiscover, the protocol that is used by mailclients to discover Exchange configuration and configure themselves. Outlook is the client that uses Autodiscover the most, but mobile clients and third party applications can use Autodiscover as well.
The best way to learn about any technology, and specifically Exchange Server, is to be as hands-on as can be. And the most effective way to be hands-on without risking your production environment is to build a separate test lab.
When it comes to cybersecurity, the threat landscape over the last 12 months has never been more complex and challenging. During Microsoft’s annual partner event, Microsoft Inspire, a strong emphasis was put on trust and security. According to Microsoft, they have been busy thwarting and tracking the following:
On-premises Exchange servers are still a thing, and with future versions of Exchange coming on-premises we can assume they still will be for some time to come and on-premises Exchange monitoring is recommended. If your organization still runs on-premises Exchange servers, then Datacenter Activation Coordination (DAC) is a feature you need to understand.
“Cut-over” . . . . Even the word itself sounds abrupt. The pressure of preparing all your data, especially your critical Exchange email data, and then trying to move all of it all at once without creating disruption for users is neither a trivial project nor a welcome prospect.
There are still thousands of cyberattacks targeting zero-day security vulnerabilities in Microsoft Exchange Server faster and more furious every single day as malicious hackers attempt to target organizations that have yet to apply the security patches released to mitigate them.
With the HAFNIUM experience still fresh in mind, we are a bit worried about other vulnerabilities and security updates for Exchange. The last two weeks there were rumors about new vulnerabilities in Exchange.
On April 13, 2021 Microsoft released new and urgent security updates for Exchange server 2013, 2016 and 2019 that addresses four Remote Code vulnerabilities:
If you haven’t read part 1 and part 2 of this article series yet, we recommend you do. Reading parts 1 and 2 are essential for proceeding part 3.
Moving past parts 1 and 2, I now have all my clients using my new inventory classes I created. I’ve verified with a few clients that they are successfully sending this data to the site server. What’s next? The next piece of this process is to query the database, however this is an optional step. What we'll discuss next is setting up the SSRS report, but I always like to setup a SQL query in the SCCM console first. It’s a quick and easy way to figure out what’s in your database.
Most organizations are spread across multiple locations in today’s business world. Exchange being such a critical application, it’s essential to make sure that it is up and running around the clock without any downtime. Regarding High Availability and Disaster Recovery, Exchange 2013 has many features due to new improvements and some changes with DAGs as compared to Exchange 2010.