It's often helpful when security researchers like Guardicore shed light on flaws in Microsoft Exchange - however, the Autodiscover protocol isn't flawed in the way they describe. Even though the issue is hard to replicate, it shouldn't distract from the work you need to do to protect your organization from the underlying reason why people want your credentials.
It has been a tiring year for Exchange on-premises and hybrid administrators and unfortunately, it's not getting any easier. The HAFNIUM exploits cast a negative light on Microsoft Exchange, re-emphasizing why email is a crucial part of any organization and that nothing and no one is exempt from an attack. Find out why and what you can do to protect your organization NOW.
Microsoft's Exchange Server woes continued when the online copy of the Hybrid Configuration Wizard was hijacked and replaced by a text file. The problem is now fixed, but it underlines the need for vigilance in all parts of the Microsoft 365 ecosystem.
Microsoft has issued critical security updates for Exchange on-premises servers. The fixes close off four known vulnerabilities which expose Exchange to day-zero attacks. It's important to apply these updates ASAP.
Microsoft has released a critical security update for a memory corruption vulnerability in all versions of Exchange Server.
How to manage Exchange Server mailbox and delegate cross-forest permissions Office 365 hybrid deployments.
Microsoft has released new cumulative updates for Exchange Server 2016, 2013, and 2010 in March 2018.
Want better email signature controls in Exchange Server and Exchange Online? Add your vote to the UserVoice, and show Microsoft how much demand there is for this feature.
Microsoft has provided updated guidance for customers running outdated Exchange Server cumulative updates and .NET Framework versions.
Microsoft has published guidance for Exchange Server and Office 365 customers for the Spectre and Meltdown processor vulnerabilities.
Microsoft has released new cumulative updates for Exchange Server 2016, 2013, and 2010 in December 2017.
September 2017 - Microsoft has released new cumulative updates for Exchange Server 2016 and 2013.
