Microsoft has revealed that Exchange Server Subscription Edition (SE) will debut in the third quarter of 2025. This upcoming on-premises release will require organizations to get subscription licenses for accessing product updates, security patches, and technical support. According to Microsoft, Exchange Server SE will be “code equivalent” to Exchange Server 2019 CU15, but it would...
Microsoft has released an advisory regarding a critical vulnerability in Exchange Server. The company disclosed this zero-day flaw in the February 2024 Patch Tuesday updates and cautioned that it is currently being actively exploited in the wild. The security vulnerability, tracked as CVE-2024-21410, could allow hackers to relay NT LAN Manager (NTLM) hashes and impersonate…
Microsoft has warned customers that a Russian state-sponsored hacking group (dubbed Forest Blizzard (STRONTIUM)) is actively exploiting an Outlook flaw to target Exchange Servers. The vulnerability could potentially unlock unauthorized access to emails and pave the way for the pilfering of sensitive information. In March, Microsoft disclosed a critical vulnerability in Outlook for Windows that…
Microsoft has announced its plans to enable Extended Protection by default on Exchange Server later this year. Scheduled to roll out with the 2023 H2 Cumulative Update, the new security feature will help organizations to boost protection against credential theft and man-in-the-middle attacks. Windows Extended Protection is a security feature that is designed to secure…
Last Update: Aug 08, 2023
In Office 365 (Exchange Online) and Exchange Server environments, granting ‘Full Mailbox’ access to a user is a common administrative task, especially when dealing with shared mailboxes, delegation, or troubleshooting. In this article, we will explore step-by-step procedures for granting Full Mailbox access to users in both Office 365 and Exchange Server environments. I will…
Microsoft has detailed its plans to protect organizations against persistently vulnerable Exchange Servers. Starting on May 10, the company is introducing a new transport-based enforcement system that will block email traffic from unpatched or out-of-support Exchange Server instances. Microsoft explained that it will implement the new transport-based enforcement system in eight stages. The service will…
Microsoft is introducing a transport-based enforcement system in Exchange Online that will throttle and block emails from old Exchange Servers. The company explained that this change aims to encourage organizations to upgrade to a supported version of Exchange Server. Microsoft has found that thousands of on-premises customers are running outdated versions of Exchange Servers. The…
Microsoft has published an advisory recommending IT admins to remove select antivirus exclusions in Exchange Servers. The company explained that this configuration change should help IT admins to improve the security posture of their organizations. Up until now, Microsoft recommended Exchange Server admins to configure antivirus solutions to protect their systems. It is also a…
Microsoft is reminding customers that it’s ending extended support for Exchange Server 2013. After April 11, 2023, the older version of Exchange Server will no longer receive any new security patches, technical support, time zone updates, and bug fixes. Microsoft launched Exchange Server 2013 back in January 2013. The company ended its mainstream support four…
Microsoft has recommended customers to deploy the latest January 2023 security updates on on-premises Exchange servers. The company urges IT admins to keep their Exchange servers patched to protect their organization from cyberattacks and security threats. In a Techcommunity blog post, Microsoft raised an alarm that malicious actors are increasingly leveraging vulnerabilities to compromise unpatched…