Exchange 2016 CU20 has been released to the Microsoft download centre! Exchange 2016 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously. CUs are a complete installation of Exchange 2016 and can be used to install a fresh server or to update a previously installed one. Exchange 2013 h… Read the rest “Exchange 2016 CU20 Released”
Microsoft Defender for Identity (MDI) is a critical component in the Defender security stack, designed to protect on-premises Active Directory (AD) environments from advanced attacks such as credential theft, lateral movement, and domain dominance. Before it carried the Defender name, this product had a long and interesting evolution. One that mirrors Microsoft’s broader journey into identity sec… Read the rest “Installing Microsoft Defender For Identity – February 2021”
You will have seen the multiple posts and communications around the Hafnium Exchange security issue. One of the most disconcerting issues has been the number of Exchange installs that have not been patched in several years. Once the storm has abated, I'll put down some thoughts and talk through some of the most problematic issues, but for now let's focus on the task in hand. Security updates ar… Read the rest “Install March 2021 Security Update–Exchange 2013 Net Framework 4.7.2”
The below are a series of links, tips and some very brief thoughts on Hafnium. I will purposefully not include the content of the other locations as it is changing so rapidly, and there is no way to ensure that it would be updated here in a timely fashion.
If you read nothing else, please ensure that you install the update from an elevated CMD prompt if you are manually installing.
Fai… Read the rest “Collected Links For Hafnium – March 2021 Exchange Security Issue”
Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are protocols that provide secure communications. Today several versions of these protocols exist, and not all of them are considered secure by Microsoft or other security companies.
Schannel is a Security Support Provider (SSP) that implements the SSL, TLS and Datagram Transport Layer Security (DTLS) Internet standard authentication pro… Read the rest “TLS Musings”
Today is an out of band security release for Exchange. Due to the way that Exchange 2010 is serviced, security updates are released as a new update rollup (RU).
You can visit the Microsoft Security Response Center to read the details about this and the other released security updates.
Note – The image does not show RU 32, and I'll update it once the download site is corrected.
This is build 14.03.… Read the rest “Exchange 2010 SP3 RU32 Released”
Security updates were released today for Exchange 2010, 2013, 2016 and 2019. Attacks were detected which leveraged these vulnerabilities, so an out of band set of updates was released
This a remote code execution on TCP 443 and is already being exploited as a 0-Day attacks against on-premises Exchange servers.
Microsoft strongly recommends installing this update immediately. Internet facing server… Read the rest “Out of Band Critical Exchange Security Updates–March 2021”
Endpoint security has always been a cornerstone of enterprise protection. Microsoft Defender for Endpoint (MDE) is the enterprise offering from Microsoft in this space. MDE is a leading solution for advanced threat detection and response. MDE is not a new product, it has already been in market for several years. You would have recognised it by the previous names Microsoft Advanced Threat Prote… Read the rest “Initial Defender for Endpoint Setup”
After installing Defender for Identity sensor onto AD FS, you may experience an issue where the service does not enter the running state.
In the Microsoft Defender for Identity portal the sensor is reported as "Not Configured"
Since the AD FS sensor is new (January 2021), you initially installed sensors onto all of your AD Domain Controllers.
The below indicates that all o… Read the rest “Defender For Identity Sensor Service Fails To Start on AD FS – Sequence Contains No Elements”
The below post initially stemmed from an Exchange Risk Assessment which noted that all of the customer's Exchange servers were missing critical Windows updates. The customer's security team were slightly upset as they believed (mistakenly) that all assets were properly updated. This was not the case. When we looked into the details, the monthly Windows Server 2012 R2 updates had been failing to… Read the rest “Unable to Install Windows Updates or Windows Components”