Hi All, On 29. September Microsoft reported Zero-Day Vulnerabilities in Exchange Server and published the Advisory below.
Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server
https://techcommunity.microsoft.com/t5/exchange-team-blog/customer-guidance-for-reported-zero-day-vulnerabilities-in/ba-p/3641494
Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server
https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/ I was wondering if the Exchange Server Emergency Mitigation Service kicked in. But until FR Evening 30 September there was just the default Rule https://blog.icewolf.ch/archive/2021/09/29/exchange-server-emergency-mitigation.aspx
."C:\Program Files\Microsoft\Exchange Server\V15\scripts\Get-Mitigations.ps1" When i checked today, a new Rule has been deployed .
Hi All, Finally the ExchangeOnlineManagement PowerShell Module V3 has been released. You can find the newest Module in the PowerShell Gallery
ExchangeOnlineManagement 3.0.0
https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.0.0
It is REST Based and does not require WinRM Basic Authentication on the Client anymore
Get Installed Module and what is available in the PowerShell Gallery
Get-InstalledModule ExchangeOnlineManagement Find-Module ExchangeOnlineManagement Uninstall the old Module and install the new Module
Uninstall-Module ExchangeOnlineManagement -Force Install-Module ExchangeOnlineManagement Get-InstalledModule ExchangeOnlineManagement
Hi All, Did you know, that you can set DMARC Records for your onmicrosoft.com Address in M365?
How to enable DMARC Reporting for Microsoft Online Email Routing Address (MOERA) and parked Domains
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/step-by-step-guides/how-to-enable-dmarc-reporting-for-microsoft-online-email-routing-address-moera-and-parked-domains?view=o365-worldwide In the M365 Admin Center go to Domains https://admin.microsoft.com/Adminportal/Home#/Domains Select the onmicrosoft.com Domain
Select "DNS Records" and "Add record"
Now you can add your DMARC Configuration
Now you can Check with nslookup
nslookup -type=txt _dmarc.<m365tenant>.onmicrosoft.com
Regards Andres Bohren
Hi All, Microsoft has released a new Preview of theyr ExchangeOnlineManagemen PowerShell Module
ExchangeOnlineManagement 2.0.6-Preview8
https://www.powershellgallery.com/packages/ExchangeOnlineManagement/2.0.6-Preview8 v2.0.6-Preview8 : 1. Support for system-assigned and user-assigned Managed Identity from Azure Functions. - The -ManagedIdentity switch parameter, and the -Organization parameters need to be provided to indicate that a managed identity should be used. This will by default attempt to use a system-assigned managed identity. - For specifying a user-assigned managed identity, in addition to the parameters specified above, the AppID of the service principal corresponding to the user-assigned identity needs to be passed to the -ManagedIdentityAccountId.
Hi All,
As anounced the Microsoft common attachment filter has been updated with 53 default File Extensions and 219 File Extensions that can be selected. That’s a huge improvement to what was available end of last Year.
Exchange Online Protection Common Attachment Filter Update Anti-malware protection in EOP I want to remind you - it’s your responsability to define the Policy. Be aware that blocking *.bin Files can cause unintended affects
Hi All,
On beginning of August, Microsoft has announced the Microsoft Outlook Lite Version on Android.
Microsoft Outlook Introduces Lite Version of Android App They say the App is:
Small Fast Low battery usage Works on all Networks incl. 2G / 3G It’s unclear what Options are not supported or what’s the downside of using this app.
Microsoft Outlook Lite - Google Play Regards
Andres Bohren
Hi All,
With the August 2022 Updates for ExchangeServer 2013/2016/2019 there is a new Feature called Windows Server Extended Protection. This will help against authentication relay or “man in the middle” (MitM) attacks.
Exchange Server Support for Windows Extended Protection Restrictions
does not work with hybrid servers using Modern Hybrid configuration SSL Offloading scenarios are not supported Automated Archiving with Archive Policy is not suported TLS configuration must be consistent across all Exchange servers Access to Public Folders on Exchange 2013 not supported The newest version of HealthChecker.
Hi All,
On the Microsoft Patchday, Microsoft has released Exchange 2013, Exchange 2016 and Exchange 2019 Security Updates.
Released: August 2022 Exchange Server Security Updates Description of the security update for Microsoft Exchange Server 2019 and 2016: August 9, 2022 (KB5015322) Security Update For Exchange Server 2016 CU23 (KB5015322) Regards
Andres Bohren
Hi All,
I just want to write a short Blog Article about Exhange Online Protection (EOP) Malware Filter regarding the *.bin Attachments.
Just be aware, that when Adding Linked or Embedded Objects in Office Documents (like PowerPoint), the Objects are added as *.bin Objects and might be catched by the Malware Filter.
Import content from other applications into PowerPoint If you rename the *.pptx or add *.zip at the end you can open in with Windows Explorer or any other ZIP Tool.
Hi All, There is a Preview for M365 Tenant to Tenant Migration of Exchange Mailboxes. I've tested this in my Lab. Took me several Days to complete the Migration or until i understand everything correctly and had everything fixed.
Cross-tenant mailbox migration (preview)
https://docs.microsoft.com/en-us/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-worldwide I've created this Overview to explain it a bit more. Here are all prerequisits to create a Tenant to Tenant (aka Cross-tenant) Mailbox Migration.
Target Tenant Azure AD Application Create a new Azure AD App registration
