Is Exchange Online Threatened by Ransomware?


Some people worry that Exchange Online mailboxes could be compromised by ransomware and that people will be forced to pay Bitcoin to decrypt their messages. It’s certainly a possibility, but out-of-the-box solutions exist if you’re unlucky enough to be infected. That is, if you’ve done the necessary up-front planning to prepare for the worst.

The post Is Exchange Online Threatened by Ransomware? appeared first on Petri.


Microsoft Deprecating Exchange Online’s Search-Mailbox Cmdlet


Microsoft has started to flag its intention to deprecate the Search-Mailbox cmdlet. It’s probably the right time to remove this cmdlet from Exchange Online because Office 365 compliance searches can serve the same purpose. At least, compliance searches can do most of what Search-Mailbox does faster. Some functionality gaps need to be filled before we can bid adieu to Search-Mailbox, but its time is coming.

The post Microsoft Deprecating Exchange Online’s Search-Mailbox Cmdlet appeared first on Petri.


Phishing Report Highlights Need for Sophisticated Anti-Malware Software


A recent report by a security vendor says that 25% of phishing messages get by Exchange Online Protection (EOP) and arrive in Office 365 user mailboxes. This highlights the need to configure EOP properly and run multiple lines of defense. Microsoft would like you to use Office 365 Advanced Threat Protection (ATP) alongside EOP. Offerings from other security vendors are also available. For better protection against phishing, you should consider something like ATP.

The post Phishing Report Highlights Need for Sophisticated Anti-Malware Software appeared first on Petri.


Exchange’s EHLO Blog Moves to The Microsoft Technical Community


Microsoft has moved the venerable EHLO blog maintained by the Exchange product group to the Microsoft Technical Community (MTC) platform. The first post is about the Exchange 2019 sizing calculator. Hopefully the changeover won’t affect the great content published in EHLO over the years. What’s of more concern is the lack of participation in the MTC by Microsoft product engineers and MVPs.

The post Exchange’s EHLO Blog Moves to The Microsoft Technical Community appeared first on Petri.


Exchange and the Turla LightNeuron Attack

Turla, a Russian cyber-espionage group, is reported as being behind an attack on Exchange on-premises servers that uses transport agents to capture and process messages for selected users. It’s an interesting attack vector that hasn’t been seen before and raises the question of how often administrators should review the transport agents active on their servers.

The post Exchange and the Turla LightNeuron Attack appeared first on Petri.


Stick or Stay: Should I Upgrade to Exchange 2019?


Exchange 2019 has been around for six months. It’s a good time to consider if on-premises organizations should upgrade or stick with the version of Exchange they run today. Exchange 2019 is a solid release, even if Microsoft’s engineering efforts are largely focused on the cloud these days. Of course, moving to Exchange Online is an option too, but perhaps not for the dedicated on-premises deployments.

The post Stick or Stay: Should I Upgrade to Exchange 2019? appeared first on Petri.


Microsoft Patches Zero-Day Browser Bug Under Active Attack

In its February Patch Tuesday bulletin, Microsoft patches four public bugs and one that is under active attack.

Exchange Privilege Elevation Vulnerability Addressed by Microsoft Patches

The recently exposed privilege elevation vulnerability that exists in the control Exchange has over Active Directory and EWS push notifications is fixed by cumulative updates for Exchange 2013, Exchange 2016, and Exchange 2019 and a roll-up update for Exchange 2010 SP3. These changes mark an architectural modification for Exchange, something that Microsoft is loath to do outside major releases. Install the updates now!

The post Exchange Privilege Elevation Vulnerability Addressed by Microsoft Patches appeared first on Petri.


Privilege escalation vulnerability uncovered in Microsoft Exchange

A researcher has discovered an alarming way that an attacker controlling a Microsoft Exchange mailbox account could potentially elevate their privileges to become a Domain Administrator.

Fixing a Multi-Protocol Exchange Server Vulnerability

No fix is available yet for the Exchange vulnerability reported by Dirk-jan Mollema and described in CVE-2018-8581. Apart from deploying a split permissions model, no out-of-the-box mitigation exists today. Microsoft is working actively to fix the problem and, in the meantime, the brains of the Exchange community are hard at work to come up with possible solutions.

The post Fixing a Multi-Protocol Exchange Server Vulnerability appeared first on Petri.
