A new Exchange vulnerability has been disclosed this week known as ProxyToken that allows someone who can access an Exchange 2013, 2016 or 2019 server over HTTPS to perform configuration actions against mailboxes of their choosing, such as setting forwarding rules. Find out what you need to do to protect your organization.
So, you've completed your migration to Exchange Online. Email flows smoothly into and out of the cloud, and all your mailboxes are now online. What's next for your Exchange Servers, now that you've made the transition? After completion you will have several tasks to perform to remove Exchange Servers from your environment, but there is one important caveat you need to know about; if you run Azure AD Connect then you can't remove every Exchange Server from your environment. You will need to keep at least one around for management purposes. In this article, I'll walk through what you can do to minimise what you keep and need to maintain, and what you can consider planning for in the future. You can also join me at TEC this week, on September 2nd.
In the show this week - Microsoft price increases, Ignite is back later this year, we bid IE11 farewell, cover the latest Teams new features and - discuss Exchange vulnerabilities you need to patch and protect yourself against.
It's incredible, but reports still come in to prove that thousands of unpatched Exchange on-premises servers remain connected to the internet. New reports indicate that servers continue to be attacked and that thousands of vulnerable servers remain available as hacking targets. It's time to either get patched or move to the cloud.
It has been a tiring year for Exchange on-premises and hybrid administrators and unfortunately, it's not getting any easier. The HAFNIUM exploits cast a negative light on Microsoft Exchange, re-emphasizing why email is a crucial part of any organization and that nothing and no one is exempt from an attack. Find out why and what you can do to protect your organization NOW.
TEC 2021, The Experts Conference, takes place as a virtual event on September 1-2. In this article, Tony selects his favorite sessions from the event agenda. This isn't to say that the other sessions are no good. Everyone's got their own favorite topics and there are many other TEC 2021 sessions covering other topics which will make others very happy.
Microsoft has released security updates for Exchange 2013, Exchange 2016, and Exchange 2019 to fix some remote code execution vulnerabilities. It's time to update your on-premises servers again, including those used for hybrid management. Let's not give those nasty hackers any easy targets to attack.
On the show this week, Steve and Paul discuss Teams version 2.0 - and take a deep dive into why the new version will perform better. Justin Morris from Microsoft joins us with expert, real-world advice on Teams Rooms, we discuss Exchange updates (with new features!), Windows 11 planning guidance, plus find out the key features rolling out to your tenant now.
If you prefer to run Exchange Server setup for new installations or cumulative updates using the GUI rather than the command line, then you aren’t alone, and if you are finally getting round to removing an Exchange Server 2010 or 2013 Hybrid and replacing it with Exchange Server 2016, then it’s better late than never. […]
Microsoft has delayed the release of the June 2021 cumulative updates for Exchange Server for two weeks to integrate the Windows Antimalware Scan interface (AMSI). The change will allow Exchange 2016 and Exchange 2019 servers running on Windows Server 2016 or later to integrate antimalware engines to check HTTP requests for potential problems. If ever there was good reason to delay an update, this is it.
9 Comments
The New-DistributionGroup cmdlet has been in Exchange since 2006. It creates a new distribution list that is easily populated with a few commands. Although Microsoft might like everyone to use the new-fangled Microsoft 365 Groups, the fact remains that distribution lists are very useful. So much so that many millions are still in active use. In this article, we explore how to create new standard and dynamic distribution lists with PowerShell.
Microsoft has released security patches to address four new remote code vulnerabilities in Exchange 2013,2016, and 2019. At the same time, the FBI has removed web shells from compromised servers, but only in the U.S. Now more than ever it is essential that Exchange Server administrators apply all available patches and make sure that their servers have no lingering surprises left behind by attackers.
