Posts about:
Microsoft has released Security Updates (SUs) for Exchange 2013, Exchange 2016 and Exchange 2019 that address security vulnerabilities rated ‘Critical’ (Elevation of Privileges) and ‘Important’ (Information Disclosure).
Yesterday, the Exchange Product made several announcements related to Exchange Server. The overall message throughout these announcements can be interpreted as that Microsoft is publicly declaring to be committed to developing and supporting the Exchange Server product. This is especially of interest to those customers running it as part of their on-premises infrastructure and assuring those that believe the road ahead was a dead end, eventually forcing them to move to Exchange Online, or look for alternatives.
By now you must be aware that Microsoft will turn off basic authentication in Office 365 later this year and that will hit Exchange Online severely. It’s not a big deal when it comes to mail clients or the administrator console (EAC), but automation using PowerShell scripts will be impacted and I recently ran into such an issue.
The value proposition for the services in the EM+S E5 suite does not seem like it has been convincing to customers for a while now. Over the last year or so, Microsoft has been putting a lot of work into the Defender services to improve that value proposition, and to provide a better technical security solution for Microsoft 365 customers.
In the announcement that was part of the release of the most recent set of Cumulative Updates for Exchange Server 2019 and 2016, Microsoft introduced some changes – features if you will – which were received with enthusiasm. An overview of these changes was given in a recent ENow blog article: "Exchange Cumulative Updates - April 2022". However, I want take the discussion further and zoom in on one of those features, which also happens to be a popular topic for customers running Exchange Hybrid deployments: The Last Exchange Server.
On April 20, 2022 Microsoft released new Cumulative Updates: Exchange 2016 CU23 and Exchange 2019 CU12. The previous Cumulative Updates were released on September 28, 2021, more than 6 months ago.
Formerly known as “Cloud App Security”, Microsoft Defender for Cloud Apps is a Cloud Access Security Broker (CASB) that is part of the Microsoft 365 Defender suite of products. Defender for Cloud Apps (DCA) is built to help IT departments control the data that their organizations have hosted in multiple cloud services including but not limited to Office 365.
Happy New Year! With the recent change to the new year, a nasty bug similar to the Y2K bug (Y2K22?) appeared in Exchange 2016 and Exchange 2019. On 01/01/2022 at 0:00 hour UTC a date conversion failed inside the product, causing the anti-malware agent to fail. As a result, the Exchange transport service was no longer able to process email and mail started to queue on the Exchange server. This also happens on Exchange 2013, but email is not queued and therefore the issue is not directly visible.
Anyone who has participated in migrations or transitions to Exchange is probably familiar or had to work around potential issues caused by the nickname cache. A “cache,” also known by its file extension, NK2 in older Outlook clients, is a convenience feature in Outlook and Outlook on the web (OWA). It lets users pick recipients from a list of frequently-used recipients. This list is displayed when the end user types in the first few letters:
On September 28, Microsoft released their quarterly updates for Exchange Server: