Microsoft Exchange and Active Directory Blog
A week ago, Microsoft released new security updates for Exchange Server 2013, 2016 and 2019. I'm only reporting on this now because I've been on vacation for the last 14 days. But thanks to the CVE reporter, this shouldn't be a problem :-) The following four vulnerabilities are closed by the updates CVE-2021-31196 CVE-2021-34470 CVE-2021-33768 CVE-2021-31206 Here's ... Read more
The new AMSI integration introduced with CU21 for Exchange 2016 and CU10 for Exchange 2019 in conjunction with various anti-virus scanners causes some serious problems. The Outlook connection sometimes becomes so slow that it is no longer possible to work. Even starting Outlook can take several minutes. Outlook repeatedly fails to respond, ... Read more
Microsoft has released new updates for Exchange Server 2016 and 2019 today. The CU21 now released for Exchange 2016 is the last CU to be released for Exchange 2016. From now on, there will only be security updates for Exchange 2016. Click here to download the CUs directly: Exchange Server 2019 ... Read more
I have just completed the CVE-Reporter and made the first public version available for download. I've been using the CVE-Reporter for a while now so that I receive an e-mail when new vulnerabilities or security holes are discovered and can therefore react quickly to possible security holes. Until now, I had not made the CVE-Reporter publicly available, because so far ... Read more
Sometimes it may be necessary to subsequently change the IP and host name of a domain controller, for example if a new domain controller replaces an old one and is to be accessible under the same IP and name. Changing the IP address of a domain controller is normally possible without any problems, changing the host name of a domain controller ... Read more
Here's a little tip for people who often need test environments for Exchange 2019 servers. Until now, it was not so easy to get the installation files for Exchange 2019. The ISO for installation (or the CUs for the updates) were only offered for download in the VLSC, Visual Studio subscription or Action Pack. ... Read more
From time to time it can be useful to get an overview of the Outlook versions in use. Every now and then you will certainly find old Office / Outlook versions that should no longer be in use. With Exchange 2016 / 2019 servers, the Outlook version can be removed with PowerShell from ... Read more
In the standard Active Directory setting, the display name is formed from the first and last name. However, many companies, mostly in German-speaking countries, change the generation of the display name to "last name and first name". This has the advantage that users are easier to find in the Exchange address book and in the Active Directory, as the sorting is based on the surname and ... Read more
Microsoft has released new security updates for all Exchange Server versions (2013 - 2019). This time it concerns the vulnerabilities that were successfully used in Pwn2Own 2021 to attack Exchange Server. The following vulnerabilities are fixed: CVE-2021-31209 CVE-2021-31207 CVE-2021-31198 CVE-2021-31195 Here is a description from the Pwn2Own website, presumably exactly this vulnerability is now fixed: The ... Read more
I have just released the new version of the Exchange Reporter. Besides a small bugfix regarding the incorrectly displayed failover time of the databases within a DAG, three new modules are now available. Two of the new modules were contributed by Leslie. Leslie has already found and reported many bugs in the previous versions, so he deserves ... Read more
