​Microsoft has reissued the November 2024 safety updates for Trade Server after withdrawing them earlier this month because of e mail supply points on servers that use customized mail move guidelines.
The corporate introduced it. launched the updates from Obtain Heart and Home windows Replace beneath widespread stories of directors that e mail had stopped flowing of their organizations.
This recognized subject impacts clients who use transport guidelines (mail move) or knowledge loss safety (DLP) guidelines, which can cease periodically after putting in the November safety updates for Trade Server 2016 and Trade Server 2019. .
At present, the alternate workforce suggested directors who put in the unique November 2024 SU (November 2024 SUv1) to implement the relaunched November 2024 SU (November 2024 SUv2) that resolves mail supply points within the affected environments.
The corporate additionally shared the next desk, which gives detailed info on the actions directors ought to take primarily based on their atmosphere.
|
If November 2024 SUv1…
|
So…
|
|
It was put in manually and doesn’t use any transport or DLP guidelines,
|
It is suggested to put in SUv2 November 2024 for extra granular management over the X-MS-Trade-P2FromRegexMatch header.
|
|
was put in by way of Microsoft/Home windows replace and doesn’t use any DLP or transport guidelines,
|
In December 2024, the server will obtain and set up the November 2024 SUv2.
|
|
was put in (manually or routinely) after which uninstalled to repair the issue with transport guidelines,
|
Set up the relaunched SUv2 in November 2024.
|
|
it was by no means put in,
|
Set up the relaunched SUv2 in November 2024.
|
Microsoft additionally recommends that directors at all times run the Trade Well being Checker Script after putting in safety updates to search for frequent configuration points which might be recognized to trigger efficiency issues and see if extra steps could also be wanted.
“Servers that obtain automated updates from Home windows Replace will see the November 2024 SUv2 out there,” the corporate added on Tuesday.
“Please word that now we have delayed the discharge of the November 2024 SUv2 for Microsoft/Home windows Replace till December to stop servers from routinely putting in the November 2024 SUv2 throughout the US Thanksgiving vacation.”
The November 2024 SUv2 package deal additionally provides a extra granular examine for “non-RFC compliant FROM P2 header detection”, designed so as to add warnings to malicious emails suspected of exploitation. a excessive severity vulnerability in Trade Server (CVE-2024-49040) which can enable attackers to spoof respectable senders to make malicious messages far more efficient.
Redmond says CVE-2024-49040 exploit detection and e mail warnings can be enabled by default on all servers the place directors activate safe settings by default.
