Announcements Archives - Yusuf USTUNDAG

Netlogon Protocol Changes – News !

April 10, 2023January 21, 2025 Yusuf Ustundag 3 Comments

As you know, Microsoft Netlogon protocol change process was activated with the November 8, 2022 updates (KB5021130 – CVE-2022-38023 ).

In previous announcements, “Enforcement by Default” would be activated with the April 11, 2023 updates, but it was postponed with new announcement which is 13 June, 2023.

By the way after the Windows updates that are dated on or after November 8, 2022 Windows updates are installed, you can add the “RequireSeal” key below.

Registry Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Value: RequireSeal

Data Type: REG_DWORD

Data: 0 – Disabled

1 – Compatibility mode. Windows domain controllers will require that Netlogon clients use RPC Seal if they are running Windows, or if they are acting as either domain controllers or Trust accounts.

2 – Enforcement mode. All clients are required to use RPC Seal, unless they are added to the “Domain Controller: Allow vulnerable Netlogon secure channel connections” group policy object (GPO).

If you have more than one Domain Controller in your environment, you can distribute the registry key with the group policy method.

Or you can choose to use Powershell :

New-ItemProperty -Path "HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters" -Name RequireSeal -Value DATA -PropertyType DWORD –Force

Note: Events 5838,5839 and 5840,5841 can be checked in the System Event Log on DCs with November 2022 updates installed to detect applications that may have problems.

Have a nice day!

March 2023 Exchange Server Security Updates

March 17, 2023January 22, 2025 Yusuf Ustundag 2 Comments

Microsoft Exchange Servers security updates have been released for March 2023.

These updates are available for the following specific versions of Exchange Server:

Exchange Server 2013 CU23 SU21 (Microsoft Exchange Server 2013 will reach its end of support on April 11, 2023)
Exchange Server 2016 CU23 SU7
Exchange Server 2019 CU11 SU11 & CU12 SU7

The recommendation is to install these updates immediately to protect your environment.
In the scenario where you do a Cumulative Update(CU), you need to make security updates. Otherwise, remember that you have to do the Cumulative Update(CU) first and then the Security Update(SU).

Inventory your Exchange Servers to determine which updates –> “Exchange Server Health Checker”
Choose your current CU and your target CU to get directions –> “Exchange Update Wizard”
If you encounter errors during or after installation of Exchange Server –> “Exchange Setup Assist”

Note: Don't double-click the 'MSP file' to run it. Run Command Prompt (not Powershell) as an Administrator.

Issues resolved with this update:

EWS web application pool stops after the February 2023 Security Update is installed .
⇒If you have applied a workaround for this issue, you should roll it back after the March security update.
Exchange Server 2016 or 2019 who have non-default applications installed through ECP add-ins, the ECP add-ins page might be broken after the February 2023 Security Update is installed
⇒The issue is expected to be resolved with the March security update.
The Get-App and GetAppManifests applications fail and return an exception, “MSExchangeServicesAppPool” application pool to repeat in the same order after the February 2023 Security Update is installed .
⇒The issue has been resolved with the March security update.

Exchange Toolbox and Queue Viewer fails after Certificate Signing of PowerShell Serialization Payload is enabled after the Janurary 2023 or the February 2023 Security Update is installed.
⇒The issue has been resolved with the March security update for servers running the Mailbox Role, but this issue persists on other servers with management console installed.

Have a nice day!

February 2023 Exchange Server Security Updates

February 19, 2023February 19, 2023 Yusuf Ustundag 4 Comments

Microsoft Exchange Servers security updates have been released for February 2023.

These updates are available for the following specific versions of Exchange Server:

Exchange Server 2013 CU23 SU20 (Microsoft Exchange Server 2013 will reach its end of support on April 11, 2023)
Exchange Server 2016 CU23 SU6
Exchange Server 2019 CU11 SU10 & CU12 SU6

Note: Don't double-click the 'MSP file' to run it. Run Command Prompt (not Powershell) as an Administrator.

Have a nice day!

Exchange Server 2013 End of Support Coming Soon – News !

January 13, 2023April 11, 2023 Yusuf Ustundag 6 Comments

Microsoft Exchange Server 2013 will reach its end of support on April 11, 2023.

This means that Microsoft will no longer provide security updates, technical assistance, or online technical content updates for the product. It is highly recommended that organizations using Exchange Server 2013 upgrade to a newer version of Exchange.

After that date, Microsoft will no longer provide:

Security fixes for vulnerabilities that are discovered and that may make the server vulnerable to security breaches
Bug fixes for issues that are discovered and that may impact the stability and usability of the server
Technical support for problems that may occur
Time zone updates
Even if the product continues to work after this date, It’s recommended to start “Exchange Server 2013” to “Exchange Online” or “Exchange Server 2019” migration as soon as possible.

Have a nice day!

January 2023 Exchange Server Security Updates

January 13, 2023January 13, 2023 Yusuf Ustundag 4 Comments

Microsoft Exchange Servers security updates have been released for January 2023.

These updates are available for the following specific versions of Exchange Server:

Exchange Server 2013 CU23 SU19
Exchange Server 2016 CU23 SU5
Exchange Server 2019 CU11 SU9 & CU12 SU5

Recommended Action :

Enable certificate signing of Powershell serialization payload
To defend Exchange Servers against attacks on serialized data, added certificate-based signing of PowerShell serialization payloads.
If you have a server running Microsoft Exchange Server 2013 in your environment, we recommend that you don’t turn on serialization payload signing for now.
In the first stage of rollout, this new feature must be manually enabled by an Exchange Server admin due to feature dependencies.
You can use to validate/create the required auth certificate

Note: Don't double-click the 'MSP file' to run it. Run Command Prompt (not Powershell) as an Administrator.

Have a nice day!

Basic Authentication Deprecation in Exchange Online – News !

November 17, 2022November 17, 2022 Yusuf Ustundag 6 Comments

As you know, the “Basic Authentication” configuration was turned off last month.
Organizations using Exchange Online are now protected from the vulnerabilities of legacy authentication.

However, this closure process will continue On December 31, 2022, with exemptions.

Microsoft says ;
Once Basic auth for Outlook, Exchange ActiveSync and Exchange Web Services has been permanently disabled in your tenant, there’s really no reason to keep Autodiscover enabled for Basic auth. So, we’re turning off Autodiscover next.

For more details ; Basic Authentication Deprecation in Exchange Online – What’s Next

Have a nice day !

October 2022 Exchange Server Security Updates

November 4, 2022January 13, 2023 Yusuf Ustundag Leave a comment

Microsoft Exchange Servers security updates have been released for October 2022.

These updates are available for the following specific versions of Exchange Server:

Exchange Server 2013 CU23
Exchange Server 2016 CU22 and CU23
Exchange Server 2019 CU11 and CU12

The following update paths are available:

These vulnerabilities only affect Exchange Server.
Exchange Online customers are already protected from the vulnerabilities addressed.

Note: Don't double-click the 'MSP file' to run it. Run Command Prompt (not Powershell) as an Administrator.

Additional Action Require!

As you know, we were doing /PrepareSchema and /PrepareAD operations before CU operations.
There is a new difference in the updates released in May.

The following actions should be taken in addition to the application of May 2022 security updates:

After doing cumulative update and security update then run the following Command Prompt command once using Setup.exe in your Exchange Server installation path "\Program Files\Microsoft\Exchange Server\v15\Bin"

"Setup.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataON /P"

Microsoft says that the step is necessary “because of additional security hardening work for CVE-2022-21978,” which is one of the vulnerabilities addressed by the updates.

When running a Database Availability Group, do not forget to put the Exchange Server Cluster(DAG) in maintenance mode.

Have a nice day!

Microsoft Ignite : The Microsoft Learn Cloud Skills Challenge

October 9, 2022October 9, 2022 Yusuf Ustundag Leave a comment

There are 7 challenges available to choose from, select one that’s right for you. Once you complete that challenge you will earn a free Microsoft Certification exam that can be applied to your choice from a select list of options.

Important Reminders

No matter how many Microsoft Learn Cloud Skills Challenges you complete, you can only earn one free Microsoft Certification exam.

If you earn a free Microsoft Certification exam, you will be notified via email when it becomes available. It will be delivered to the contact email for notifications associated with your Microsoft Learn profile. Confirm or add a contact email here to ensure emails are delivered.

Your free Microsoft Certification exam offer will be delivered by November 18, 2022 and will expire on February 15, 2023. You must complete your exam before this date. We highly recommend booking your exam at least one week in advance. To see the full list of eligible exams please refer to the official rules.

Preview and Register Now

The Microsoft Learn Cloud Skills Challenge

Microsoft Ignite: Intelligent Cloud Challenge
Microsoft Ignite: Cloud App Maker Challenge
Microsoft Ignite: AI Automation Challenge
Microsoft Ignite: Modern Work Challenge
Microsoft Ignite: Field Service Automation Challenge
Microsoft Ignite: Protect Everything Challenge
Microsoft Ignite: Cloud Developer Challenge

Eligible exams include:
- AZ-305: Designing Microsoft Azure Infrastructure Solutions
  Aligning Challenge: Microsoft Ignite: Intelligent Cloud Challenge
- PL-100: Microsoft Power Platform App Maker
  Aligning Challenge: Microsoft Ignite: Cloud App Maker Challenge
- DP-100: Designing and Implementing a Data Science Solution on Azure
  Aligning Challenge: Microsoft Ignite: AI Automation Challenge
- MS-700: Managing Microsoft Teams
  Aligning Challenge: Microsoft Ignite: Modern Work Challenge
- MS-720: Microsoft Teams Voice Engineer
  Aligning Challenge: Microsoft Ignite: Modern Work Challenge
- MB-240: Microsoft Dynamics 365 Field Service Functional Consultant
  Aligning Challenge: Microsoft Ignite: Field Service Automation Challenge
- SC-200: Microsoft Security Operations Analyst
  Aligning Challenge: Microsoft Ignite: Protect Everything Challenge
- AZ-400: Designing and Implementing Microsoft DevOps Solutions
  Aligning Challenge: Microsoft Ignite: Cloud Developer Challenge

Have a nice day !

Basic Authentication Deprecation Reminder and Final Update in Exchange Online

September 9, 2022November 17, 2022 Yusuf Ustundag 6 Comments

Starting October 1, Microsoft will begin to randomize tenants and disable basic authentication access for MAPI, RPC, Offline Address Book (OAB), Exchange Web Services (EWS), POP, IMAP, Exchange ActiveSync (EAS), and Remote PowerShell.
As you know, SMTP AUTH will not be affected by the changes made.

On the day of the change, Microsoft will notify each tenant through the Service Status Dashboard.

If you’re not ready to make these changes, You can do a One-Time Re-Enablement one last time as decided by Microsoft.

For all the details; Basic Authentication Deprecation in Exchange Online – September 2022 Update

Have a nice day !

Microsoft Exchange Community (MEC) Technical Airlift 2022

July 8, 2022July 8, 2022 Yusuf Ustundag 2 Comments

MEC is Back !

What is MEC ?

MEC has been known as the Microsoft Exchange Conference but this year it was renamed the Microsoft Exchange Community. As the name suggests, it is a Microsoft Exchange Family specific event. MEC features experts from Microsoft and elsewhere talking about Exchange Online, Exchange Hybrid, and Exchange Server.

The first MEC was held in San Diego, California in 1997.
After San Diego, in Boston (1998), Atlanta, Hamburg, and Tokyo (1999), Dallas, Singapore, Nice, and Tokyo (2000), Orlando and Nice (2001), and Anaheim (2002).

This is a free, digital event for IT professionals who work with Exchange Online and/or Exchange Server day-to-day, and ISVs and developers who make solutions that integrate with Exchange, which will take place Sept 13-14, 2022!

The Exchange Online and Exchange Server engineering teams have a lot of great content for customers and partners.

Exchange Server Roadmap
Exchange Server Feature Review
Delighting Exchange Online Admins
Expanding Usage and Security of Email in Exchange Online
Exchange Online Transport Future Initiatives: Bulk Mail and Exchange Transport Rules
Basic Auth Deprecation in Exchange Online
Exchange Online Support for Continuous Access Evaluation
Customer Key in Exchange Online

Prepare yourself for two days jam-packed with networking, unparalleled access to Exchange engineers and MVPs and, of course, the most in-depth information on Exchange you’ll find anywhere.

Thanks for bringing these MEC back !