In early August 2022, the Vietnamese organization GTSC Cyber Security noticed anomalies in their SOC and discovered that their Exchange servers were under attack. They quickly determined that the attack utilized an unpublished Exchange security vulnerability. Due to earlier Exchange attacks, GTSC quickly uncovered the vulnerability, and Microsoft was informed about it at this time. Microsoft needed some time as well for investigation and remediation, but the Exchange world was made aware of potential 0-day vulnerabilities this Thursday (09/29) through the following tweet by security researcher Kevin Beaumont:
ENow Software's Exchange blog built by Microsoft MVPs for IT/Sys Admins.
Android OS – Changing from basic auth to modern auth connectivity on your Android mobile device. (To learn more about changing on iPhone, click here)
In earlier posts on this blog we discussed Microsoft turning off basic authentication and what you must do on an iPhone or Android to change to modern authentication. This is the last blog about clients, where we discuss how to reconfigure Outlook for Mac to use Modern Authentication.
MacOS comes with a native mail client, which is not very different from the native mail client in iOS, for example. For use with Exchange Online, the Outlook for Mac client is strongly recommended (and most used).
If your Outlook for Mac stops working somewhere in October because of Microsoft turning off basic authentication, it is just a matter of recreating the profile in Outlook. Multi-Factor Authentication is not enforced when Microsoft moves from basic authentication to modern authentication, but it is strongly recommended to start using multi-factor authentication because it dramatically reduces the risk of being hacked. This will be discussed in a future blog (soon).
To ensure that you continue to receive emails on Outlook for Mac, we need to perform the following steps:
iOS – Changing from basic auth to modern auth connectivity on your Apple device. (To learn more about changing on Android, click here)
Microsoft will stop support for basic authentication in Office 365 starting October 1, 2022. Uhm, that’s a week from the time of writing. That sounds scary, but Microsoft has already been stopping basic authentication for tenants for quite some time, so chances are that it is already turned off for your organization.
By now you must be aware that Microsoft will turn off basic authentication in Office 365 later this year and that will hit Exchange Online severely. It’s not a big deal when it comes to mail clients or the administrator console (EAC), but automation using PowerShell scripts will be impacted and I recently ran into such an issue.
The value proposition for the services in the EM+S E5 suite does not seem like it has been convincing to customers for a while now. Over the last year or so, Microsoft has been putting a lot of work into the Defender services to improve that value proposition, and to provide a better technical security solution for Microsoft 365 customers.
Decommissioning the last Exchange server
When you are in an Exchange hybrid configuration and you have migrated the last mailbox to Office 365, you might wonder what to do with the last (couple of) Exchange servers that are still running on-premises. Can you decommission your last Exchange server because all your mailboxes are in the cloud? From a supportability point of view the answer is still “No, you can’t decommission the last Exchange server because you need it for management purposes” and most customers think this is disappointing. Let me explain why we still need this last Exchange server.
Securing Exchange Servers
Securing Exchange servers is hard. I mean it can be a giant pain sometimes. There are what, hundreds of millions or maybe billions of lines of code running on your Exchange servers, right? It doesn’t take much for a typo to get through and open a vulnerability that can then be exploited, opening the most important and valuable data within your organization to all kinds of bad actors.
Exchange on-premises and Microsoft Teams
With the work from home going on due to the COVID-19 crisis there’s an increasing demand for tools like Zoom, Skype for Business and Teams. While Zoom is doing a great job for personal use, I prefer Skype for Business or Microsoft Teams for business use.