EXCHANGE

Exchange Online Protection Common Attachment Filter Update (Summer 2022)

Andres Bohren
Hi All, As anounced the Microsoft common attachment filter has been updated with 53 default File Extensions and 219 File Extensions that can be selected. That’s a huge improvement to what was available end of last Year. Exchange Online Protection Common Attachment Filter Update Anti-malware protection in EOP I want to remind you - it’s your responsability to define the Policy. Be aware that blocking *.bin Files can cause unintended affects

Microsoft Outlook Lite on Android (Early Access)

Andres Bohren
Hi All, On beginning of August, Microsoft has announced the Microsoft Outlook Lite Version on Android. Microsoft Outlook Introduces Lite Version of Android App They say the App is: Small Fast Low battery usage Works on all Networks incl. 2G / 3G It’s unclear what Options are not supported or what’s the downside of using this app. Microsoft Outlook Lite - Google Play Regards Andres Bohren

Exchange Server Support for Windows Extended Protection

Andres Bohren
Hi All, With the August 2022 Updates for ExchangeServer 2013/2016/2019 there is a new Feature called Windows Server Extended Protection. This will help against authentication relay or “man in the middle” (MitM) attacks. Exchange Server Support for Windows Extended Protection Restrictions does not work with hybrid servers using Modern Hybrid configuration SSL Offloading scenarios are not supported Automated Archiving with Archive Policy is not suported TLS configuration must be consistent across all Exchange servers Access to Public Folders on Exchange 2013 not supported The newest version of HealthChecker.

Exchange Server 2013/2016/2019 Security Updates August 2022

Andres Bohren
Hi All, On the Microsoft Patchday, Microsoft has released Exchange 2013, Exchange 2016 and Exchange 2019 Security Updates. Released: August 2022 Exchange Server Security Updates Description of the security update for Microsoft Exchange Server 2019 and 2016: August 9, 2022 (KB5015322) Security Update For Exchange Server 2016 CU23 (KB5015322) Regards Andres Bohren

Blocking *.bin Files in EOP can cause block of Office Documents

Andres Bohren
Hi All, I just want to write a short Blog Article about Exhange Online Protection (EOP) Malware Filter regarding the *.bin Attachments. Just be aware, that when Adding Linked or Embedded Objects in Office Documents (like PowerPoint), the Objects are added as *.bin Objects and might be catched by the Malware Filter. Import content from other applications into PowerPoint If you rename the *.pptx or add *.zip at the end you can open in with Windows Explorer or any other ZIP Tool.

Exchange Online Cross-tenant mailbox migration (preview)

Andres Bohren
Hi All, There is a Preview for M365 Tenant to Tenant Migration of Exchange Mailboxes. I've tested this in my Lab. Took me several Days to complete the Migration or until i understand everything correctly and had everything fixed. Cross-tenant mailbox migration (preview) https://docs.microsoft.com/en-us/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-worldwide I've created this Overview to explain it a bit more. Here are all prerequisits to create a Tenant to Tenant (aka Cross-tenant) Mailbox Migration. Target Tenant Azure AD Application Create a new Azure AD App registration

Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) 2.1 released

Andres Bohren
Hi All, A few hours ago a new Version of the Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) Module has been released. ORCA 2.1 https://www.powershellgallery.com/packages/ORCA/2.1 To check the installed Module and what's available on PowerShell Gallery use the commands below Get-InstalledModule ORCA Find-Module ORCA Uninstall the old and install the new PowerShell Module Uninstall-Module ORCA Install-Module ORCA Get-InstalledModule ORCA I connect to Exchange Online (with -UseRPSSession Parameter, because i have already installed the Preview of the Module)

Safe Links Block list have been moved to Tenant Allow Block List (TABL)

Andres Bohren
Hi All, The M365 Defender for Office Safe Links Block list have been moved to Tenant Allow Block List (TABL) If you click on "Global Settings" https://security.microsoft.com/safelinksv2 you can see that the Block List have been Migrated Let's check the Tenant Allow/Block List https://security.microsoft.com/tenantAllowBlockList You can view the TenantAllowBlockList Items with the following Exchange command Get-TenantAllowBlockListItems https://docs.microsoft.com/en-us/powershell/module/exchange/get-tenantallowblocklistitems?view=exchange-ps Get-TenantAllowBlockListItems -ListType URL Get-TenantAllowBlockListItems -ListType URL | where {$_.Notes -match "Migrated"} I came across the "

Defender for Office365 Changes in Anti-Malware Notifications

Andres Bohren
Hi All, There has been a change in the Defender for Office 365 Anti-Malware Policy notifications. Summary: internal and external Notifications are gone and Action is changed only to "Quarantine" or "Reject" (with NDR). Not much to see on the M365 Roadmap But there are more Details in the M365 Admin Portal in Message Center In the M365 Defender Portal you can review the Settings https://security.microsoft.com/antimalwarev2 Internal- and ExternalSendernotifcations are gone.

Microsoft 365 Defender "Restricted Users" now called "Restricted Entities"

Andres Bohren
Hi All, In Microsoft 365 Defender "Restricted Users" now called "Restricted Entities", because it can also detect and create an alarm for a compromised Connector https://security.microsoft.com/restrictedentities Respond to a compromised connector https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/respond-compromised-connector?view=o365-worldwide Regards Andres Bohren