Exchange 2010 – WindowsTechs.com

CVE-2020-0688 Puts Focus on Exchange On-Premises Vulnerabilities

Posted on March 12, 2020 by Tony Redmond

The revelations that Exchange Server has had a vulnerability in the Exchange Control Panel since Exchange 2010 shocked some. Microsoft has patched CVE-2020-0688, but the problem gives on-premises administrators something to think about as they look to the long-term future of their email service. Staying on-premises is an option, but going to the cloud might be more secure.

The post CVE-2020-0688 Puts Focus on Exchange On-Premises Vulnerabilities appeared first on Petri.

Continue reading CVE-2020-0688 Puts Focus on Exchange On-Premises Vulnerabilities→

Microsoft Gives Exchange 2010 Nine More Months

Posted on September 19, 2019 by Tony Redmond

In a surprising but welcome announcement, Microsoft moved the end of extended support for Exchange 2010 to October 2020. This version of Exchange was the most technology-rich and significant in the product’s history, which might be the reason why so many organizations still depend on Exchange 2010 for email. Better options exist, and Exchange Online is the natural place to go… if your network and applications allow the move.

The post Microsoft Gives Exchange 2010 Nine More Months appeared first on Petri.

Continue reading Microsoft Gives Exchange 2010 Nine More Months→

Exchange Privilege Elevation Vulnerability Addressed by Microsoft Patches

Posted on February 12, 2019 by Tony Redmond

Exchange hack problem

The recent exposure of a privilege elevation vulnerability that exists in the control Exchange has over Active Directory and EWS push notifications is fixed by cumulative updates for Exchange 2013, Exchange 2016, and Exchange 2019 and a roll-up update for Exchange 2010 SP3. These changes mark an architectural modification for Exchange, something that Microsoft is loathe to do outside major releases. Install the updates now!

The post Exchange Privilege Elevation Vulnerability Addressed by Microsoft Patches appeared first on Petri.

Continue reading Exchange Privilege Elevation Vulnerability Addressed by Microsoft Patches→

Fixing a Multi-Protocol Exchange Server Vulnerability

Posted on January 29, 2019 by Tony Redmond

Exchange hack problem

No fix is available yet for the Exchange vulnerability reported by Dirk-jan Mollema and described in CVE-2018-8581. Apart from deploying a split permissions model, no out-of-the-box mitigation exists today. Microsoft is working actively to fix the problem and in the meantime, the brains of the Exchange community are hard at work to come up with possible solutions.

The post Fixing a Multi-Protocol Exchange Server Vulnerability appeared first on Petri.

Continue reading Fixing a Multi-Protocol Exchange Server Vulnerability→

All Versions of On-Premises Exchange Server Vulnerable to New Attack

Posted on January 25, 2019 by Tony Redmond

A newly-discovered vulnerability in Exchange potentially allows attackers to gain control over Active Directory. Since Exchange 2000, Exchange has been a highly-privileged server that’s tightly connected to Active Directory. Add in some NTLM weakness, Exchange Web Services push notifications, and everything comes together for the bad guys.

The post All Versions of On-Premises Exchange Server Vulnerable to New Attack appeared first on Petri.

Continue reading All Versions of On-Premises Exchange Server Vulnerable to New Attack→

Exchange 2010 Nears the End

Posted on January 17, 2019 by Tony Redmond

Exchange 2010 will become unsupported on January 14, 2020. It’s time to decide whether to move to Office 365 or Exchange 2016/2019. Exchange 2010 was a really big and important release in the 23-year history of the product, so it’s sad to see it heading to the software scrapyard.

The post Exchange 2010 Nears the End appeared first on Petri.

Continue reading Exchange 2010 Nears the End→

Microsoft Migrates Exchange Public Folders to Office 365 Groups

Posted on September 5, 2017 by Tony Redmond

Microsoft has new tools to migrate public folders (the “cockroaches of Exchange”) to Office 365 Groups. Sounds good. The good news is that the tools work, even if they need a lot of manual oversight. ISVs offer tools to do the same job with more automation. The choice is yours!

The post Microsoft Migrates Exchange Public Folders to Office 365 Groups appeared first on Petri.

Continue reading Microsoft Migrates Exchange Public Folders to Office 365 Groups→

Microsoft Migrates Exchange Public Folders to Office 365 Groups

Posted on September 5, 2017 by Tony Redmond

The post Microsoft Migrates Exchange Public Folders to Office 365 Groups appeared first on Petri.

Continue reading Microsoft Migrates Exchange Public Folders to Office 365 Groups→

Cherish your arbitration mailboxes – just in case!

Posted on April 21, 2016 by Windows IT Pro

Arbitration mailboxes made their appearance in Exchange 2010 as a special form of mailbox that is designed to be used by Exchange itself rather than a user. In short, there are times when Exchange needs to stuff data away for one reason or another and it makes sense to use a mailbox for this purpose. After all, mailboxes go in databases and can be protected by high availability, and so on…

The full set of arbitration mailboxes is exposed in all its glory by running the command:

Tony Redmond’s Exchange Unwashed

Continue reading Cherish your arbitration mailboxes – just in case!→

Category Archives: Exchange 2010

CVE-2020-0688 Puts Focus on Exchange On-Premises Vulnerabilities

Microsoft Gives Exchange 2010 Nine More Months

Exchange Privilege Elevation Vulnerability Addressed by Microsoft Patches

Fixing a Multi-Protocol Exchange Server Vulnerability

All Versions of On-Premises Exchange Server Vulnerable to New Attack

Exchange 2010 Nears the End

Microsoft Migrates Exchange Public Folders to Office 365 Groups

Microsoft Migrates Exchange Public Folders to Office 365 Groups

Sponsored: Managing Email Signatures

Cherish your arbitration mailboxes – just in case!