[German]Microsoft has released security updates (SU) for Exchange Server 2016 and 2019 on November 12, 2024. These updates close vulnerabilities found by Microsoft or security partners in Exchange Server. Below is an overview of which updates are available for Exchange Server (On-Premises).
Advertising
I came across the following tweet from the Exchange team on the Techcommunity post Released: November 2024 Exchange Server Security Updates.
According to a Techcommunity post, security updates (SU) have been released for both Exchange Server 2016 and Exchange Server 2019. The following CUs are currently available:
The November 2024 updates (CU) contain fixes for security issues reported by security partners or found internally. Here are the relevant security updates (SUs):
- Security Update For Exchange Server 2019 CU13 SU7 (KB5044062)
- Security Update For Exchange Server 2019 CU14 SU3 (KB5044062)
- Security Update For Exchange Server 2016 CU23 SU14 (KB5044062)
Although Microsoft is not aware of any active exploits in the wild, the manufacturer recommends installing these updates immediately to protect Exchange Server installations. Details on the update installation and the vulnerabilities can be found in the Techcommunity article and in the support article KB5044062.
Advertising
These vulnerabilities affect Exchange Server (on-premises). Exchange Online customers are already protected from the vulnerabilities addressed by these SUs and do not need to take any action other than updating all Exchange servers or Exchange Administration Tools workstations in their environment.
Exchange Server AMSI integration
In the Techcommunity article, Microsoft explains that improvements have been made to the Exchange Server AMSI integration. Once the November 2024 SUs are installed, the ability of products that use Exchange Server AMSI integration to perform additional tasks on message texts has been enhanced.
The feature is disabled by default and can be enabled for each protocol individually. Microsoft recommends enabling this feature for a subset of services first, as this may cause performance issues. In addition, Microsoft asks for feedback if problems occur after enabling the Exchange Server AMSI text scan. More information on how this feature works and how to control it can be found here.
Non-compliant RFC 5322 P2 FROM header detection
To fix the vulnerability CVE-2024-49040, a new feature has been implemented to detect non-RFC 5322 compliant P2-FROM headers in incoming email messages. The P2-FROM header in an email is part of the message header that is displayed to the recipient's email client (e.g. Outlook). It is the email address or the name of the sender (if the sender is internal) that is displayed in the "From" field when you view an email in your inbox. Further information can be found here.
Improvements to ECC certificate support
The November 2024 SU improves support for ECC certificates. ECC certificates can now be used on Edge Transport servers and bound to POP and IMAP services. It should be noted that there is a change in the activation of ECC certificate support. In the previous implementation, a New-SettingOverride was required to enable the feature. From the November 2024 SU, administrators must create a registration value instead of the override. Further information can be found in the documentation.
Similar articles:
Microsoft Security Update Summary (November 12, 2024)
Patchday: Windows 10/Server Updates (November 12, 2024)
Patchday: Windows 11/Server 2022 Updates (November 12, 2024)
Patchday: Windows Server 2012 / R2 and Windows 7 (November 12, 2024)
Exchange Server 2019: No more CUs in 2023; CU14 and CU15 coming in 2024
Advertising
