EXCHANGE

ExchangeOnlineManagement 3.2.0-Preview3 released

Andres Bohren
Hi All, Yesterday Microsoft has released the ExchangeOnlineManagement 3.2.0-Preview3 to PowerShell Gallery. ExchangeOnlineManagement 3.2.0-Preview3 Release Notes v3.2.0-Preview3: Bug fixes in Disconnect-ExchangeOnline. Bug fixes in Set-DefaultTenantMyAnalyticsFeatureConfig. Preview of REST based cmdlets for SCC powershell: Added UseRPSSession parameter to Connect-IPPSSession Let’s check what Module is installed and whats available from the PowerShell Gallery Get-InstalledModule ExchangeOnlineManagement -AllVersions Find-Module ExchangeOnlineManagement -AllowPrerelease Now let’s uninistall the old Preview2 Module and install Preview3 Uninstall-Module ExchangeOnlineManagement -AllowPrerelease -Force Install-Module ExchangeOnlineManagement -AllowPrerelease -Force Get-InstalledModule ExchangeOnlineManagement -AllVersions Now you can use finally use REST Based Connection for Security and Compliance.

New Exchange Online Quarantine Notification frequency

Andres Bohren
Hi All, Almost a Year ago, Microsoft has anounced faster Quarantine Options. They anouced 1 Hour and changed it later to 4 Hours. This change has now arrived in my Tenant. Simplifying the Quarantine Experience - Part Two Microsoft 365 Defender > Threat Policies > Quarantine Policy Or go direct to the Quarantine policy and select “Global settings” QuarantinePolicies Now you can change the Quaranine Notification frequency between 4 Hours / Daily / Weekly

Exchange Online sends now DMARC Aggregate Reports

Andres Bohren
Hi All, As a Messaging Engineer / Architect i am well familiar with all the Messaging Standards that help to improve the Security of your Domain. Check out my Get-Mailprotection.ps1 Script Basics about SPF / DKIM / DMARC SPF / DKIM / DMARC DMARC Advisor - so far the best DMARC Reporting Tool DMARC Advisor Lately there has been an Anoucement that Exchange Online will also send DMARC Aggregate Reports (RUA) if the MX Points directly to Exchange Online.

HonorDmarcPolicy in ExchangeOnline vanished from GUI

Andres Bohren
Hi all, Did you notice the “Honor DMARC Policy” in the Microsoft 365 Defender AntiPhishing Policy? A few weeks ago there was a Setting in the GUI but that has been vanisched there. The Setting is still available with PowerShell. As you can imagine, i was very surprised that this Setting is no longer in the GUI A few Weeks ago, there was this Setting in the Policy Now it’s only available in PowerShell

Add OneNote Fileextensions to the Exchange Online Malware Filter

Andres Bohren
Hi All, I’ve heard from OneNote Phishing in the last few Months. That seems to be a new way of Attack. Sadly i don’t know the exact details of that Attack. What came to my mind was to block OneNote Attachments in the Malware Filter. Microsoft: Besserer Schutz vor riskantem OneNote-Phishing geplant Also Microsoft want’s to improve here according to the M 365 Roadmap M365 Roadmap I’ve checked the OneNote file Extensions on my Computer

ExchangeOnlineManagement 3.2.0-Preview2 released

Andres Bohren
Hi All, Yesterday a new Preview Version of the ExchangeOnlineManagement PowerShell Module has been released to the PowerShell Gallery. ExchangeOnlineManagement 3.2.0-Preview2 Check what Module is installed and what’s available from the PowerShell Gallery. Get-InstalledModule ExchangeOnlineManagement Find-Module ExchangeOnlineManagement -AllowPrerelease To install the Module Side by Side you have to use the -Force Parameter Install-Module ExchangeOnlineManagement -AllowPrerelease -Force Get-InstalledModule ExchangeOnlineManagement -AllVersions Make sure the new Module is loaded Import-Module ExchangeOnlineManagement Get-Module If you run “Connect-ExchangeOnline” multiple times you can now Disconnect-ExchangeOnline a specific Connection.

Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)

Andres Bohren
Hi All, There is a Outlook Escalation of Privilege Vulnerability in Outlook. Tony Redmond has explained that very well Outlook Elevation of Privilege Vulnerability Leaks Credentials via NTLM Microsoft Outlook Elevation of Privilege Vulnerability Exchange CSS has released a Script to test and mitigate CVE-2023-23397 script Exchange On Prem You need to have an RBAC Admin Role that allows Application Impersonation and assign an Account. If you don’t have that Role you can create it

March 2023 Exchange Server Security Updates

Andres Bohren
Hi All, Today the March 2023 Exchange Server Security Updates have been released. Released: March 2023 Exchange Server Security Updates Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: March 14, 2023 (KB5024296) Security Update For Exchange Server 2016 CU23 SU7 (KB5024296) The downloaded exe File extracts then starts the Installation in a elevated Promt After the Security Update is installed, it is a good idea to restart the Server.

M365 Groups dumped in Outlook for Windows?

Andres Bohren
Hi All, Yesterday i stumbled across something odd. Did not see the M365 Groups in Outlook for Windows anymore. They seem to be gone in the newest Version. Let’s start at the beginning. Office in the Current Channel Outlook Profile is set up with Cached Mode (without Chached Mode you don’t see the M365 Groups either). As you can see the Groups are listed here The cached Files are stored in C:\Users<Username>\AppData\Local\Microsoft\Outlook

M365 Defender for Office 365 User reported Settings

Andres Bohren
Hi All, Do you know the User reported Settings in Microsoft 365 Defender for Office 365? For instance, you can send the Mails that a user reports with the “Report Message” Add-In to Microsoft also to a reporting Mailbox that you own. User reported settings User Reported Settings https://security.microsoft.com/securitysettings/userSubmission I’ve enabled that a while ago. As you can see the Reporting Mailbox receives all types: Junk Phishing Not Junk The Mail contains the Header and the Original Mail as Attachment.