Microsoft Exchange and Active Directory Blog
Important information for Exchange administrators: KB2565063 must be reinstalled on all Exchange Server versions released before October 2018. This currently affects all available Exchange versions and CUs. The background is that the installation files (new installation and update installation) of Exchange have an unpatched version installed and Exchange is therefore still vulnerable to a remote code ... Read more
The September update KB445127 for Windows Server 2016 from 20.09.2018 causes problems on domain controllers in connection with the Exchange GAL (Global Address List). After the update was installed on Windows Server 2016 Domain Controllers, Outlook clients can no longer access the Global Address List: I was also able to reproduce this problem as soon as more than 18 recipients ... Read more
New updates have been released for all Exchange Server versions. Exchange 2010 is also included. Click here to download directly: Exchange Server 2016 CU10 Exchange Server 2013 CU21 Exchange Server 2010 Update Rollup 22 Click here for details of the changes: Exchange Server 2016 CU10 Exchange Server 2013 CU21 Exchange Server 2010 ... Read more
When migrating from Exchange 2010 / 2013 to Exchange 2016, there may be problems with Autodiscover in connection with Kerberos. The problems range from permanent queries of the login information in Outlook to a complete crash of Outlook when a mailbox is moved to an Exchange 2016 server. When can the problem occur? The problem ... Read more
In this article, I already pointed out that Office 365 will only support TLS 1.2 from October 2018. However, before switching to the current TLS 1.2 version, the clients / servers with which the local Exchange server does not yet communicate via TLS 1.2 should be identified. The following small script can be used ... Read more
Three detailed articles on Exchange Server and TLS 1.2 have been published on the Exchange Team Blog. The articles are not only very worth reading, but also have an important background: From October 2018, Office 365 will require TLS 1.2 and will not accept mails from servers that only support TLS 1.0 or TLS 1.1. In plain language ... Read more
Anyone who discovers the event with the ID 40025 in the Event Viewer of an Exchange Server has no immediate cause for concern, but should take action: Source: MSExchangeIS ID: 40025 Database "Database Name" ("Database GUID") has been offline-repaired (by eseutil.exe) one or more times in the past. However, although this ensures database-level logical consistency and may permit ... Read more
New updates have been released for all Exchange Server versions. Click here to download directly: Exchange Server 2016 CU7 Exchange Server 2013 CU18 Click here for details of the changes: Exchange Server 2016 CU7 Exchange Server 2013 CU18 Article about the updates on the Exchange Team Blog: Exchange Team Blog For me personally ... Read more
Microsoft has released new security updates for Exchange 2010 to Exchange 2016. Specifically, it concerns this security vulnerability: This security update fixes a security vulnerability in Microsoft Exchange Outlook Web Access (OWA). The vulnerability could allow privilege escalation or spoofing attacks in Microsoft Exchange Server if an attacker sends an email with a specially crafted attachment to a vulnerable Exchange ... Read more
In this blog post, Thomas Shinder from Microsoft presented the new "Microsoft Security Guide". The article is quite interesting and well worth reading. I was particularly taken with the last section. It says: The Security Update Guide development API can be used to create a report in CVRF format. To use this API, click the ... Read more
