On the show this week, we’re delving into the Microsoft Cloud outage – which was somewhat under-reported, and we consider why and who it affected. Plus, another month and another Exchange Security patch – Microsoft is smashing every remaining bug in on-premises Exchange, it seems.
We say a heartfelt goodbye to the classic Exchange Admin Center and a big hello to new Microsoft Teams features. Collaborative notes arrives, and Microsoft delivers Teams meeting room features that help complete the full vision promised a little over a year ago. Finally, we discuss new audit capabilities in To-Do, Planner, and Project Online. Do you need them, and if so, will you need to pay?
Microsoft Cloud suffers disruptions, affecting Exchange Online, OneDrive, and other services
At Practical 365, as the name implies, we’re certainly advocates of Microsoft 365. Microsoft does meet their SLAs for service availability, and overall, it is fair to say that the majority of customers would have suffered longer outages (or worse, successful cyber attacks) if they had stayed on-premises.
So it’s with some surprise this week that we are talking about Microsoft having a cloud outage and then appearing somewhat reticent to explain exactly what happened, finally releasing a blog post explaining the details on the Microsoft Security Response Center blog. On the show, Paul points out the timing of this – on a Friday afternoon – couldn’t be worse as it appears like a PR stunt to avoid scrutiny, and Microsoft doesn’t make it clear that Microsoft 365 was affected, nor make any apology for having not taken mitigating steps themselves. They go further and recommend Azure customers implement additional security measures (at the customer’s own cost, obviously).
There’s a dispute in the security community about Microsoft’s pinpointing of the group responsible (labeled Storm-1359 by Microsoft), with security researchers pointing to more likely threat actors responsible. A state-sponsored attack rather than an anonymous start-up group certainly seems more plausible – but then again, who wants to face the idea that anybody but the most well-resourced attackers could take down Microsoft with a DDOS attack? We’re sure over time, more will come out, but for now – we’d suggest not worrying too much, as there’s little you can do, and Microsoft has managed to contain the damage.
Still running Exchange Server On-Premises? Start your Patching Engines!
Microsoft continues to diligently patch and release security updates for Exchange as people report them, which is no surprise, given the bug-bounty programs were recently expanded to cover Exchange Server on-premises.
As with the previous patches, the update process has been improved for reliability and automatic escalation, making patching simpler and easier for those less familiar; and the security updates are available for both Exchange Server 2016 (CU23) and Exchange Server 2019 (CU12 and CU13).
No cases of the vulnerabilities are known in the wild as yet, and two CVEs are covered (CVE-2023-32031 and CVE-2023-28310).
The Exchange Team blog post doesn’t go into detail about what the impact of these being exploited is, so we’ll give you a quick overview.
CVE-2023-32031 is a remote code vulnerability that requires an attacker to be authenticated and, via a network call, can execute code in the context of the server’s computer account (which will have privileges as a member of the “Exchange Servers” AD group).
CVE-2023-28310 is another remote code vulnerability that requires an attacker to be authenticated, on the same network as the Exchange Server, and doesn’t require special privileges either. If authenticated, the attacker can execute remote code via a PowerShell remoting session.
Read more on the Exchange Team Blog and get installing the updates
Microsoft deprecates 10-year old Exchange Admin Center
Long-time readers will no doubt feel like we do – it seems like yesterday when the web-based EAC was born and sprang into life in Exchange Server 2013. Unfortunately, it didn’t mature and evolve over time and the EAC in Exchange Online & Exchange 2013, 2016, and 2019 has remained very much the same; unless you count the various pointers within the interface to newer, shinier tools.
The new EAC has been with us for some time, and since its launch, new capabilities like Google Mail migrations and cross-tenant moves have only been launched into the new admin portal; so it comes as little surprise that the final deprecation of the EAC is upon us – in fact it’s gone and was deprecated on the 20th June.
If you do need something that you could only do in the classic EAC (personally, I can’t think of anything) then remember PowerShell is your friend and designed for advanced admins like yourselves.
Read more about the demise of the Classic EAC on the Exchange Team Blog
Microsoft Teams Rooms and Meetings match Microsoft’s Vision
In some great news, a plethora of updates to Microsoft Teams Rooms and Meetings, announced at InfoComm 2023, mean that the long-awaited vision for Teams Rooms (see Microsoft’s demo videos from back in 2021 as an example) finally arrived; Front Row now will remove the background from meeting participants, to better contrast them against the black background of the MTR double display; and as we mentioned on the last show, Intelligent Recap is designed to automatically take notes and assign actions.
I bemoaned Microsoft’s inability to deliver Intelligent Cameras last year when they opted to re-frame the feature as something in the hands of vendors. Soon after we wrote about that, likely by sheer coincidence, Microsoft announced Intelliframe, which – much like I suggested – provides a cloud-delivered identification of meeting room participants and presents each in their own frame in the meeting. Having this feature as a cloud-side capability makes a lot of sense – after all, the video feed needs to go via the Cloud on its way to remote attendees; and it means businesses don’t need to keep refreshing their meeting room hardware for small features that are “nice to haves.”
Read more about Microsoft Teams Rooms new features on the Microsoft Tech Community
Collaborative Notes is in Public Preview and we love it
Paul and I discuss collaborative notes (again) on the podcast, and now it has arrived, we get to test it out on the show. When we saw this was on the way, we hoped that this will be a feature that is easy to adopt rather than something users have to be told about and discover for themselves.
Somewhat usefully, it provided a pop-up recommending I try it as I joined the Practical 365 podcast meeting, and Paul had already seen users at his employer send out Teams Meeting appointments and use the feature to populate an agenda, so we’d say that this is a good thing.
As we understand it, it is the component that’s used by Intelligent Recap to populate meeting notes and actions (though, we might be wrong – if so, let us know – neither of us are in a US-based tenant) so use of the feature should provide some consistency between folks who like to write their own notes & actions and those who’d like a “ChatGPT-powered” version auto-added.
Read more on the Microsoft Teams Blog on the Microsoft Tech Community
Audit Planner, To-Do & Project Online Events (but, there’s a catch)
Finally, this week, from the message center comes a new feature for auditing To-Do, Planner, and Project Online events. It does, somewhat disappointingly for those who like to audit everything, come at a cost. To use this, you must license users that will be audited with Project Online licenses.
On the show, Paul and I play both sides to the discussion; is it a way for Microsoft to extract more money? Or is it a niche requirement, only needed by Project Online customers, where Microsoft have gone above and beyond by including not only Project Online events in the audit but also sucking in To-Do and Planner events as a free bonus? We discuss; you decide!
Read more on Tony Redmond’s Office 365 for IT Pro’s blog to get his take
And that’s all for the show this week. Join us in two weeks’ time for Episode 31 of Season 3.