Exchange

HonorDmarcPolicy in ExchangeOnline vanished from GUI

Andres Bohren
Hi all, Did you notice the "Honor DMARC Policy" in the Microsoft 365 Defender AntiPhishing Policy? A few weeks ago there was a Setting in the GUI but that has been vanisched there. The Setting is still available with PowerShell. As you can imagine, i was very surprised that this Setting is no longer in the GUI A few Weeks ago, there was this Setting in the Policy

Add OneNote Fileextensions to the Exchange Online Malware Filter

Andres Bohren
Hi All, I've heard from OneNote Phishing in the last few Months. That seems to be a new way of Attack. Sadly i don't know the exact details of that Attack. What came to my mind was to block OneNote Attachments in the Malware Filter. Microsoft: Besserer Schutz vor riskantem OneNote-Phishing geplant https://www.heise.de/news/Microsoft-Besserer-Schutz-vor-riskantem-OneNote-Phishing-geplant-7543318.html Also Microsoft want's to improve here according to the M 365 Roadmap https://www.

ExchangeOnlineManagement 3.2.0-Preview2 released

Andres Bohren
Hi All, Yesterday a new Preview Version of the ExchangeOnlineManagement PowerShell Module has been released to the PowerShell Gallery. ExchangeOnlineManagement 3.2.0-Preview2 https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.2.0-Preview2 Check what Module is installed and what's available from the PowerShell Gallery. Get-InstalledModule ExchangeOnlineManagement Find-Module ExchangeOnlineManagement -AllowPrerelease To install the Module Side by Side you have to use the -Force Parameter Install-Module ExchangeOnlineManagement -AllowPrerelease -Force Get-InstalledModule ExchangeOnlineManagement -AllVersions

Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)

Andres Bohren
Hi All, There is a Outlook Escalation of Privilege Vulnerability in Outlook. Tony Redmond has explained that very well Outlook Elevation of Privilege Vulnerability Leaks Credentials via NTLM https://practical365.com/cve-2023-23397-ntlm-vulnerability/ Microsoft Outlook Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397 Exchange CSS has released a Script to test and mitigate CVE-2023-23397 script https://microsoft.github.io/CSS-Exchange/Security/CVE-2023-23397/ Exchange On Prem You need to have an RBAC Admin Role that allows Application Impersonation and assign an Account.

March 2023 Exchange Server Security Updates

Andres Bohren
Hi All, Today the March 2023 Exchange Server Security Updates have been released. Released: March 2023 Exchange Server Security Updates https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2023-exchange-server-security-updates/ba-p/3764224 Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: March 14, 2023 (KB5024296) https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-14-2023-kb5024296-e13b0369-2102-4c95-bee2-456514630727 Security Update For Exchange Server 2016 CU23 SU7 (KB5024296) https://www.microsoft.com/en-us/download/details.aspx?id=105091 The downloaded exe File extracts then starts the Installation in a elevated Promt After the Security Update is installed, it is a good idea to restart the Server.

M365 Groups dumped in Outlook for Windows?

Andres Bohren
Hi All, Yesterday i stumbled across something odd. Did not see the M365 Groups in Outlook for Windows anymore. They seem to be gone in the newest Version. Let's start at the beginning. Office in the Current Channel Outlook Profile is set up with Cached Mode (without Chached Mode you don't see the M365 Groups either). As you can see the Groups are listed here

M365 Defender for Office 365 User reported Settings

Andres Bohren
Hi All, Do you know the User reported Settings in Microsoft 365 Defender for Office 365? For instance, you can send the Mails that a user reports with the "Report Message" Add-In to Microsoft also to a reporting Mailbox that you own. User reported settings https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/submissions-user-reported-messages-custom-mailbox?view=o365-worldwide User Reported Settings https://security.microsoft.com/securitysettings/userSubmission I've enabled that a while ago. As you can see the Reporting Mailbox receives all types: - Junk - Phishing - Not Junk

Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) 2.2 released

Andres Bohren
Hi All, A few hours ago a new Version of the Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) Module has been released. ORCA 2.2 https://www.powershellgallery.com/packages/Orca/2.2 To check the installed Module and what's available on PowerShell Gallery use the commands below Get-InstalledModule ORCA Find-Module ORCA Uninstall the old and install the new PowerShell Module

ExchangeOnlineManagement 3.2.0-Preview1 has been released

Andres Bohren
Hi All, Yesterday, Microsoft has released the ExchangeOnlineManagement 3.2.0-Preview1 PowerShell Module to the PowerShell Gallery. ExchangeOnlineManagement 3.2.0-Preview1 https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.2.0-Preview1 Whats new in this release:v3.2.0-Preview1 :1. Preview Release of new cmdlets:- Updating Briefing Email Settings of a tenant (Get-DefaultTenantBriefingConfig and Set-DefaultTenantBriefingConfig)- Updating Viva Insights Feature Settings of a tenant (Get-DefaultTenantMyAnalyticsFeatureConfig and Set-DefaultTenantMyAnalyticsFeatureConfig)2. Bug fixes in Connect-ExchangeOnline. Let's check what Version of the Module is installed and what is available from the PowerShell Gallery

How to check Exchange Active Directory Versions

Andres Bohren
Hi All, Sometimes you need to check the Exchange Active Directory Versions to see if a Schema Upgrade is needet. It is well documented on the Website from Microsoft Exchange Active Directory versions https://learn.microsoft.com/en-us/exchange/plan-and-deploy/prepare-ad-and-domains?view=exchserver-2019#exchange-active-directory-versions In this Case we use ADSIEdit.msc Or you simply run this Script ############################################################################### # Get Exchange AD Schema Version