Microsoft Releases Exchange Server Updates to Improve Security of PowerShell Payloads

Datacenter networking servers

Microsoft has released yesterday the January 2023 Security Updates (SUs) for all supported versions of the Exchange Server. The latest updates aim to address critical security vulnerabilities that could allow attackers to gain system privileges in Exchange Server 2013, 2016, and 2019.

Microsoft also highlighted that the January 2023 updates for Exchange Server should improve the security for PowerShell payloads. The company has introduced a new feature that lets IT admins configure certificate-based signing of PowerShell serialization payloads. It’s designed to protect customers against cyber attacks on serialized data.

“Serialization is the process of converting the state of an object into a form (stream of bytes) that can be persisted or transmitted to memory, a database, or a file. PowerShell, for example, uses serialization (and its counterpart deserialization) when passing objects between sessions,” the Exchange team explained.

Update paths

How to enable certificate signing of PowerShell serialization payload

Microsoft notes that it’s up to the IT admins to manually enable the certificate-based signing feature in Exchange Server 2013, 2016, and 2019. However, administrators will need to ensure that the January 2023 security updates are installed on all Exchange-based servers.

Additionally, Microsoft warned that those who turn on the feature before updating the servers might encounter deserialization failures or other problems. The Exchange team plans to enable certificate signing of PowerShell serialization payload by default in an upcoming update.

Microsoft has acknowledged a known issue with the latest Exchange Server security updates. Specifically, the bug causes rendering issues with web page previews for URLs shared in the Outlook Web App (OWA). The company has promised to deliver a fix in a future update, though there is no ETA yet.

Microsoft has also released new Patch Tuesday updates for Windows 10 and Windows 11 PCs. The January 2023 Patch Tuesday updates also marked the end of support for Windows 7 Extended Security Updates and Windows 8.1, and you can check out our separate post for more details.