Items specifically related to Exchange 2019
Exchange 2019 CU15 has been released to the Microsoft Volume Licensing Center and the public Microsoft Download site! Exchange 2019 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously. CUs are a complete installation of Exchange 2019 and can be used to install a fresh server or to upd… Read the rest “Exchange 2019 CU15 Released (2025 H1)”
Exchange 2019 CU14 will enforce the use of Extended Protection (EP) by default. This is the desired security configuration as we need to harden the traffic to help prevent Attacker In the Middle (AiTM) style attacks. This is not a new thing, and the Exchange team added support for EP in the previous releases as an optional (but strongly recommended) feature. The intent was that customers would … Read the rest “Exchange 2019 CU14 – Extended Protection New Setup Command Line Options”
Want some updates to go with your updates? That’s pretty much what you are getting with the April 2024 Exchange updates. We can split the features which are part of the April 2024 release into two main areas:
The April 2024 HU is available for the following builds of Exchange Server:
Exchange 2019 CU14 has been released to the Microsoft Volume Licensing Center and the public Microsoft Download site! Exchange 2019 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously. CUs are a complete installation of Exchange 2019 and can be used to install a fresh server or to upd… Read the rest “Exchange 2019 CU14 Released (2024 H1)”
Today marks the end of Exchange 2019’s mainstream support. This will likely resurface the discussion about what do we do with on-premises Exchange, where is the next version and do we even still need Exchange Server if all mailboxes are in Exchange Online? While there is a solution to removing the last Exchange Server from on-premises it does have it's caveats and considerations. Please ensure … Read the rest “End of Exchange 2019 Mainstream Support”
After upgrading Web Application Proxy (WAP) to Windows Server 2019 you may run into an issue with certain applications that are published via WAP to the Internet.
In the below example the AD FS upgrade went well with no issues. The AD FS farm and WAP servers were upgraded to Windows Server 2019 and all appeared to be going well. Too well that was, as when the external tests were validated against… Read the rest “Unable To Access OWA Externally Via WAP 2019”
Reviewing the output of an environement's CAS Namespaces showed that there was an unexpecte URL present for the version of Exchagne that was installed. With Exchange 2013 onwards InternalNLBBypassURL is not something that we need to set. That was an Exchange 2007 and 2010 thing.
In the environment below note that there are couple of things that pique my interest.
Any thoughts?
What is interesting i… Read the rest “Exchange Unexpected InternalNLBBypass URL – RecoverServer”
Exchange 2019 CU13 has been released to the Microsoft Volume Licensing Center and the public Microsoft Download site! Exchange 2019 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously. CUs are a complete installation of Exchange 2019 and can be used to install a fresh server or to upd… Read the rest “Exchange 2019 CU13 Released (2023 H1)”
Extended Protection (EP) was added to Windows back in 2009 as a new security feature. This feature enhances the protection and handling of credentials when authenticating network connections using Integrated Windows Authentication (IWA).
The update itself does not directly provide protection against specific attacks such as credential forwarding, but allows applications to opt-in to Extended Protect… Read the rest “Updated Guidance On Exchange Server Extended Protection”
Extended Protection uses service binding and channel binding to help prevent an authentication relay attack. In an authentication relay attack, a client that can perform NTLM authentication (for example, Windows Explorer, Microsoft Outlook, a .NET SqlClient application, etc.), connects to an attacker (for example, a malicious CIFS file server). The attacker uses the client's credentials to masquer… Read the rest “Exchange Server Extended Protection”