Microsoft's August 2023 Exchange Server security update (SUs) had major issues, so much so that the tech giant had to pull the updates. The issue has been resolved with re-published SUs.
Exchange server RSS
Microsoft has confirmed that Outlook for Mac is having connectivity issues with Exchange Servers, and has provided a workaround for it. All Microsoft 365 services have been very troubled lately.
Microsoft has shared updated requirements for SMTP relay via its Exchange Online platform. The new updated requirement is not applicable yet and is set to roll out towards the end of the year.
Microsoft has released details on how it plans to protect against unsupported, unpatched, vulnerable Exchange Servers. The tech giant says that it will throttle and eventually block such mails.
Microsoft has issued a 31-day warning for Exchange Server 2013 users. On April 11, 2023, the software will no longer be kept secure by Microsoft so users need to migrate to alternative solutions.
Microsoft has recommended IT admins to remove certain objects from antivirus exclusions in Exchange Server environments. This will result in a better cybersecurity posture for your organization.
Support for Microsoft Exchange Server 2013 is ending in less than two months. Microsoft is recommending upgrading to Exchange Server 2019 or migrating to the managed Exchanged Online.
Join us in the latest edition of Microsoft Weekly as we recap all the important stuff from the world of the Redmond tech giant including Windows updates and some good news for developers.
Microsoft is seemingly targeting the improvement of the Exchange Server update and deployment process. One of the considerations includes automatic installation of cumulative updates.
Microsoft has rolled out January 2023's Security Updates (SUs) for support versions of Exchange Server. They include better security for PowerShell payloads, along with a known bug for OWA.
With Basic Auth in Exchange Online slowly being killed off in favor of Modern Auth (OAuth 2.0), Microsoft has detailed the next protocol it's disabling for Exchange Online customers, starting today.
_(1)_medium.jpg)
This edition of Microsoft Weekly recaps a bunch of Windows 11 2022 Update issues, new features introduced to the Dev Channel, recent capabilities added to Teams, and the death of SwiftKey for iOS.
Microsoft has started deprecating Basic Auth in Exchange Online starting from today, as it has been warning for years. Customers are encouraged to migrate to Modern Auth (OAuth 2.0).
Microsoft has issued an advisory about two 0-day vulnerabilities affecting on-premises installations of Exchange Server. Unfortunately, no fix is available yet but there are a couple of mitigations.
_medium.jpg)
Microsoft has introduced a new software updates page in the Microsoft 365 admin center to provide more information in this area for Windows and Office apps. However, it is currently in preview only.
_medium.jpg)
This week's digest recaps a hefty amount of news related to Microsoft Edge, some about a Windows 11 Dev Channel build, and an exploit that affects virtually all supported versions of Windows.
_medium.jpg)
Microsoft has announced that the next version of Exchange Server will now launch in 2025. It has blamed cyberattacks on on-premises Exchange servers for making it miss the initial 2021 deadline.
Microsoft has announced a significant change to its delivery process for Security Updates and Hotfixes to Exchange Server. The aforementioned updates will now be offered through .exe packages too.
Microsoft has reminded organizations that it is deprecating Basic Auth for most protocols in Exchange Online in October 2022. The disabling process will be randomized so it's best to be prepared.
This week, we are recapping a bunch of updates for Microsoft apps and services, Windows updates (and the lack of them), and some incidents in the cybersecurity space. Read about all of this here!
Microsoft has revealed new capabilities coming to Reply-all Storm Protection in Exchange Online. Exchange admins will be able to add reports, a GUI for settings, and an alert flow to their arsenal.
A security company has published details about Hive ransomware currently targeting vulnerable Microsoft Exchange servers and encrypting environments with a "windows.exe" file containing ransomware.
_medium.jpg)
Google's Project Zero team has published its findings for 0-day exploits in the year 2021. It detected the most 0-days in this year but some positive insights that can be drawn too.
_medium.jpg)
Thanks to the end of the holiday season in the U.S., this was quite an eventful week in the world of Microsoft with news items ranging from CES to Windows 11, to Exchange Server Y2K22 bugs.
The US, European Union, the UK, and NATO countries have expressed concerned over China's numerous cyberattacks on businesses, maritime, aviation, defense, education, and healthcare sectors.
President Joe Biden's executive order comes after a crippling ransomware attack on Colonial Pipeline led to widespread fuel shortages. It will take several days for operations to normalize.
Colonial Pipeline may have been using an outdated version of Microsoft Exchange when it was targeted by a ransomware attack last week. Pipeline operators were warned about potential attacks in 2020
Microsoft has published a detailed advisory, recommending customers to keep their Exchange Server instances updated at all times and to plan maintenance windows to apply security patches.
Microsoft has released a new set of security updates for numerous Exchange Server versions following the discovery of certain security flaws. Exchange Online once again contains protections already.
Microsoft has announced that based on the telemetry data it has been observing from 400,000 on-premises Exchange Server IPs, 92% have applied patches to mitigate the ongoing security vulnerabilities.
Microsoft has enabled Defender Antivirus to automatically mitigate a recent vulnerability in on-premises Exchange server instances. This acts only as a temporary workaround to break the attack chain.
Microsoft has published another advisory regarding ongoing Exchange server attacks, stating that it is pushing emergency updates to patch vulnerabilities in certain out-of-support software as well.
The week brought us Ignite news, Exchange on-prem vulnerability news, and even some expected Insider build news. Make sure to catch up with everything that happened via our handy overview.
Microsoft has revealed that on-premises Exchange servers are under attack from a state-sponsored group operating from China and utilizing 0-day exploits. Exchange Online is safe from the threat.
Microsoft has announced that it will enforce throttling for Exchange mailboxes which receive over 3,600 messages per hour. This threshold was previously treated as a "soft limit" by the company.
Microsoft today announced that its Office 2019 server products are available, almost a month after the standard Office 2019 products launched. These include Exchange, Skype for Business, and more.
Moscow is removing Outlook and Exchange Server from 6,000 systems - and hints at plans to remove Windows and Office from up to 600,000 PCs and servers - as Russia focuses on domestic IT solutions.
Microsoft has rolled out its first preview of Exchange Server 2016, bringing a huge range of improvements, including better performance and reliability, and big changes for the Outlook Web App.
