Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Exchange
Update on Exchange Server 0-day Vulnerability ZDI-CAN-18333: Fixes, Scripts and EMS Solution
[German]The 0-day vulnerability ZDI-CAN-18333 in Microsoft's on-premises Exchange Servers (2013, 2016 and 2019) became public at the end of September. The vulnerabilities (CVE-2022-41040, CVE-2022-41082) are already being exploited in the wild. Now Microsoft is rolling out URI rewrite rules via … Continue reading
Microsoft's recommendations for Exchange Server 0-day vulnerability ZDI-CAN-18333
[German]Last night I had reported on the blog about a 0-day vulnerability ZDI-CAN-18333 in Microsoft's on-premises Exchange Servers, which is already being exploited in the wild. Within hours, Microsoft has now responded and confirmed that they are currently investigating two … Continue reading
Exchange Server servers attacked via 0-day exploit (Sept. 29, 2022)
[German]There are reports that a new zero-day exists in Microsoft Exchange that is being actively exploited in the wild. Security researchers confirm that some installations – including a honeypot – are already infected. Details about the zero-day are not yet … Continue reading
Tip: Exchange Health Checker – Script extensions by Frank Zöchling
[German]Microsoft offers the Exchange Health Checker, a PowerShell script to check on-premises Exchange installations for problems. The script is continuously developed by Microsoft. Frank Zöchling has now extended the Exchange Health Checker with a script to automatically make important settings … Continue reading
Update for Exchange Extended Protection script, but still errors
[German]August 2022 security updates for Microsoft Exchange (on-premises solution) requires, to enable Extended Protection (EP) to close all vulnerabilities. The activation is done via script, which Microsoft provided – but this script caused isses. Now Microsoft has released an updated … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Exchange Server 2013: Microsoft's tips on decommissioning the systems
[German]Administrators responsible for managing Exchange Server 2013 systems should start planning about replacing these systems. Because in April 2023, its support will expire. Microsoft has now published some advice on replacing Exchange Server 2013.
Is Windows Update KB5015811 causing Exchange performance issues?
[German]Quick poll to the administrators among the readership who are running a Microsoft Exchange on-premises installation on Windows Server 2019. Have you experienced any performance issues with Microsoft Exchange after installing the July 2022 update? I got a report from … Continue reading
Posted in issue, Update, Windows
Tagged Exchange, Patchday 7.2022, Problem, Windows Server 2019
5 Comments
Kaspersky finds SessionManager backdoor left by malware in IIS/Exchange servers worldwide
[German]Security vendor Kaspersky has come across a little-known backdoor, undetected by antivirus solutions, that leaves malware on Microsoft Exchange servers in the IIS module. There are infections of the so-called SessionManager backdoor in Exchange systems worldwide. The SessionManager backdoor enables … Continue reading
Microsoft Exchange Server: Remote Code Execution vulnerability CVE-2022-23277 exploitable despite patch?
[German]Are Microsoft Exchange servers on the current patch level still vulnerable via the remote code execution vulnerability CVE-2022-23277? Some fragments of information have just come to my attention that at least raise questions. In any case, the disclosure of the … Continue reading
Exchange 2016/2019 Mitigation Service Error 1008 due to expired certificate
[German]Today another piece of information for administrators of Microsoft Exchange servers who this week suddenly receive an Error 1008 on Exchange 2016 or 2019 in the event logs, which is triggered by the Mitigation Service. A blog reader brought this … Continue reading