Microsoft has announced that the Exchange Server cumulative updates (CUs) are switching to a biannual release schedule. The company currently releases CUs quarterly, but this slow release cycle will allow organizations to keep their Exchange servers up-to-date more easily. “We are moving to a release cadence of two CUs per year – releasing in H1...
Last Update: Sep 04, 2024
This post was Sponsored by Stellar, you can learn more about their EDB Recovery Tool here. Exchange Server is Microsoft’s enterprise email, calendaring, contact, scheduling, and collaboration platform. It is an enterprise-class server that is primarily focused on sending, receiving, and storing email messages for all of the users in the organization. The current version…
Last Update: Sep 04, 2024
Microsoft has a new tool that will make installing a temporary patch much easier to block known HANFIUM attacks.
Last Update: Sep 04, 2024
In a surprise development, Microsoft has released the source code for the Extensible Storage Engine (ESE) on GitHub. Fans of the non-SQL database engine, which has powered every version of Exchange since the initial 4.0 release twenty-five years ago, now have the chance to peruse the ESE code. Although Microsoft isn’t accepting suggestions to improve…
Last Update: Sep 04, 2024
Last October, I wrote about One Outlook, Microsoft’s vision for the future of its family of email clients. The basis of the story was a collection of three technologies deemed critical for the long-term development of Outlook: OWA Powered Experiences (OPX), Microsoft synchronization technology, and the augmentation loop. Mary-Jo Foley’s recent story about the Monarch…
Last Update: Sep 04, 2024
Put October 13 In Your Diary Time passes and products age, except in the cloud where renewal is an ongoing process. For Exchange Server 2016, Microsoft is keen for you to know that it reaches the end of mainstream support on October 13, 2020. Extended support for Exchange 2016 ceases on October 14, 2025. Exiting…
The revelations that Exchange Server has had a vulnerability in the Exchange Control Panel since Exchange 2010 shocked some. Microsoft has patched CVE-2020-0688, but the problem gives on-premises administrators something to think about as they look to the long-term future of their email service. Staying on-premises is an option, but going to the cloud might be more secure.
Last Update: Sep 04, 2024
A Microsoft employee commented that Exchange 2019 is the last on-premises version, something that would bring the era of Exchange to a close after 25 or so years. Perhaps that’s the case, and certainly there’s been a huge transition of email workload to Exchange Online. But is an opinion expressed by a single Microsoft employee enough to tell us what will happen over the next few years?
Last Update: Sep 04, 2024
Exchange 2019 has been around for six months. It’s a good time to consider if on-premises organizations should upgrade or stick with the version of Exchange they run today. Exchange 2019 is a solid release, even if Microsoft’s engineering efforts are largely focused on the cloud these days. Of course, moving to Exchange Online is an option too, but perhaps not for the dedicated on-premises deployments.
Last Update: Sep 04, 2024
The recent exposure of a privilege elevation vulnerability that exists in the control Exchange has over Active Directory and EWS push notifications is fixed by cumulative updates for Exchange 2013, Exchange 2016, and Exchange 2019 and a roll-up update for Exchange 2010 SP3. These changes mark an architectural modification for Exchange, something that Microsoft is loathe to do outside major releases. Install the updates now!
Last Update: Sep 04, 2024
No fix is available yet for the Exchange vulnerability reported by Dirk-jan Mollema and described in CVE-2018-8581. Apart from deploying a split permissions model, no out-of-the-box mitigation exists today. Microsoft is working actively to fix the problem and in the meantime, the brains of the Exchange community are hard at work to come up with possible solutions.
Last Update: Sep 04, 2024
A newly-discovered vulnerability in Exchange potentially allows attackers to gain control over Active Directory. Since Exchange 2000, Exchange has been a highly-privileged server that’s tightly connected to Active Directory. Add in some NTLM weakness, Exchange Web Services push notifications, and everything comes together for the bad guys.