Exchange Center

ENow Software's Exchange blog built by Microsoft MVPs for IT/Sys Admins.

Posts about:

Office 365

October Exchange Zero Day - Everything You Need to Know and Do

Image of Michel de Rooij
Michel de Rooij

Early August 2022, the Vietnamese organization GTSC Cyber Security noticed anomalies in their SOC and they discovered their Exchange servers were under attack. They quickly determined the attack utilized an unpublished Exchange security vulnerability. Due to earlier Exchange attacks GTSC quickly uncovered the vulnerability and Microsoft was informed about the vulnerability at this time. Microsoft needed some time as well for investigation and remediation, but the Exchange world was made aware of potential 0-day vulnerabilities this Thursday (09/29) through the following tweet by security researcher Kevin Beaumont:

Read More

How to reconfigure Outlook on MAC to use Modern Authentication

Image of Edward van Biljon
Edward van Biljon

In earlier post on this blog we discussed Microsoft turning off basic authentication and what you must do on an iPhone or Android to change to modern authentication. The last blog about clients is this one, where we discuss how to reconfigure Outlook for Mac to use Modern Authentication.

MacOS comes with a native mail client which is not very different compared to the native mail client in iOS for example. For use with Exchange Online, the Outlook for Mac client is strongly recommended (and most used).

If your Outlook for Mac stops working somewhere in October because of Microsoft turning off basic authentication, it is just a matter of recreating the profile in Outlook. Multi-Factor Authentication is not enforced when Microsoft is moving from basic authentication to modern authentication, but it is strongly recommended to start using multi-factor authentication because it reduces the risk of being hacked dramatically. This is discussed in a future blog (soon).

To ensure that you continue to receive emails on Outlook for Mac, we need perform the following steps:

Read More
Exchange Server listing image

Decommissioning Your Last Exchange Server

Image of Jaap Wesselius
Jaap Wesselius

Decommissioning the last Exchange server

When you are in an Exchange hybrid configuration and you have migrated the last Mailbox to Office 365, you might wonder what to do with the last (couple of) Exchange server that is still running on-premises. Can you decommission your last Exchange server because all your Mailboxes are in the cloud? From a supportability point of view the answer is still “No, you can’t decommission the last Exchange server because you need it for management purposes” and most customers think this is disappointing. Let me explain why we still need this last Exchange server.

Read More
business man touching cyber padlock

Securing Exchange Servers

Image of Nathan O'Bryan MCSM
Nathan O'Bryan MCSM

Securing Exchange Servers

Securing Exchange servers is hard. I mean it can be a giant pain sometimes. There are what, hundreds of millions or maybe billions of lines of code running on your Exchange servers, right? It doesn’t take much for a typo to get through and open a vulnerability that can then be exploited opening the most important and valuable data within your organization to all kinds of bad actors.

Read More