_medium.jpg)
Microsoft has been forced to pull the latest Exchange Server security update due to troubles with Transport and DLP rules.
Microsoft exchange server RSS
The mainstream support for Microsoft Exchange Server 2019 officially ends as of today, January 9. However, it will continue to get updates via Extended support until October 14, 2025.
Microsoft has recommended IT admins to remove certain objects from antivirus exclusions in Exchange Server environments. This will result in a better cybersecurity posture for your organization.
Support for Microsoft Exchange Server 2013 is ending in less than two months. Microsoft is recommending upgrading to Exchange Server 2019 or migrating to the managed Exchanged Online.
Microsoft is seemingly targeting the improvement of the Exchange Server update and deployment process. One of the considerations includes automatic installation of cumulative updates.
Microsoft has rolled out January 2023's Security Updates (SUs) for support versions of Exchange Server. They include better security for PowerShell payloads, along with a known bug for OWA.
With Basic Auth in Exchange Online slowly being killed off in favor of Modern Auth (OAuth 2.0), Microsoft has detailed the next protocol it's disabling for Exchange Online customers, starting today.
Microsoft has issued an advisory about two 0-day vulnerabilities affecting on-premises installations of Exchange Server. Unfortunately, no fix is available yet but there are a couple of mitigations.
_medium.jpg)
Microsoft has announced that the next version of Exchange Server will now launch in 2025. It has blamed cyberattacks on on-premises Exchange servers for making it miss the initial 2021 deadline.
Microsoft has announced a significant change to its delivery process for Security Updates and Hotfixes to Exchange Server. The aforementioned updates will now be offered through .exe packages too.
Microsoft has reminded organizations that it is deprecating Basic Auth for most protocols in Exchange Online in October 2022. The disabling process will be randomized so it's best to be prepared.
This week, we are recapping a bunch of updates for Microsoft apps and services, Windows updates (and the lack of them), and some incidents in the cybersecurity space. Read about all of this here!
Microsoft has revealed new capabilities coming to Reply-all Storm Protection in Exchange Online. Exchange admins will be able to add reports, a GUI for settings, and an alert flow to their arsenal.
A security company has published details about Hive ransomware currently targeting vulnerable Microsoft Exchange servers and encrypting environments with a "windows.exe" file containing ransomware.
_medium.jpg)
Google's Project Zero team has published its findings for 0-day exploits in the year 2021. It detected the most 0-days in this year but some positive insights that can be drawn too.
