On this week's show we discuss cyber security tips you can implement immediately to secure your Microsoft 365 tenant; on the roadmap we review the latest features including PowerPoint's latest new "cameo" feature, new casting and live streaming options in Teams, whiteboard sharing and more.
With Azure Front Door, you can reduce the strain on Exchange through caching, content compression, and by filtering out malicious bots before traffic even hits the on-premises network. In this article, we demonstrate how you can use Front Door to reduce your Exchange Server load, increase OWA Client performance and provide Microsoft managed certificates.
In this week's episode, Paul and myself get together to discuss - a bit more Exchange again - but don't worry, it's only more patches. Plus, Microsoft adds a new product into the E3 plans that we think you'll like - and as usual, the best from the Roadmap and Message Center
For the first episode of 2022, Paul Robichaux and I didn't think we'd still be talking about Microsoft Exchange. But, here we are - as with the new year, new problems in Exchange On-Premises greeted Exchange admins. On the show this week we discuss Y2K22 first, and then take a deep dive into why 2022 is beginning, yet again, with Exchange On-Premises issues.
A version checking problem for malware engine signature files caused on-premises Exchange servers to fail to process inbound email. The issue appears to be due to a date validation problem caused when the checking routine couldn't deal with 2022 when the new year rolled around. Microsoft fixed the problem, but the issue poses questions about Microsoft's commitment to on-premises Exchange Server.
We've had a bumper year on Practical 365. To finish up 2021 here are eleven articles that you can't miss as you break for the holiday season and get ready for 2022.
Microsoft has issued security updates for Exchange 2013, 2016, and 2019. The updates can only be applied to servers running up-to-date cumulative updates. Organizations running Exchange 2016 or 2019 should apply the updates as a matter of urgency because of a known vulnerability circulating in the wild.
Microsoft Ignite 2021 happens (virtually) on Nov 2-4. There are tons of sessions scheduled and in this post we consider some important Microsoft 365 topics that we hope Microsoft will cover to help technologists plan tenant development over the coming year. Above all, we're looking forward to being able to attend conferences like Ignite in person so that we can learn from experts from inside and outside Microsoft.
An interesting and worthwhile interview (available on YouTube) with security researcher Amit Serper reveals a lot more detail about the Autodiscover credential leak reported by Guardicore last month. The interview (with three Office 365 MVPs) goes through the collection of leaked credentials, how Serper tried to reproduce the problem, and his interaction with Microsoft. It’s a real pity Serper didn’t include the information in his original report as it would have taken a lot of heat out of the situation.
If you've migrated to Exchange Online, make sure you stop publishing your Exchange Servers to the internet. After a standard Hybrid migration, you still might be reliant on Exchange Server and in this article you can find out why and how to move remaining web services to Microsoft 365.
It's often helpful when security researchers like Guardicore shed light on flaws in Microsoft Exchange - however, the Autodiscover protocol isn't flawed in the way they describe. Even though the issue is hard to replicate, it shouldn't distract from the work you need to do to protect your organization from the underlying reason why people want your credentials.
Lots of excitement was generated when Guardicore revealed a purported vulnerability with the Exchange Autodiscover service. However, the almost total lack of detail about the configuration used for testing and to generate the reported results makes it impossible for Exchange administrators to check the theory against their own deployment. I don't think a problem exists with Exchange Online, but it's possible that poor DNS practice or flawed third-party clients could cause an issue with on-premises servers. The case remains to be proved.
