March has been a difficult month for everyone with Exchange Servers. The HAFNIUM attack has some damage estimates exceeding 100,000 servers. And while the initial attack goal was data theft (exfiltration), there are now reports that the attack has shifted to ransomware. Microsoft has released a new, one-click mitigation tool, Microsoft Exchange On-Premises Mitigation Tool (which includes Microsoft [...]
A quick update to keep everyone informed on important Microsoft Exchange security updates: May 11, 2021 – Microsoft Exchange Server vulnerability – this time it is a security feature bypass and is one of the Exchange vulnerabilities that was found during PWN2OWN 2021. Microsoft has rated this as Exploitation Less Likely on the latest software [...]
Microsoft 365 | Exchange Server: Notes From the Field In this edition of notes from the field, we share how a Global Manufacturing company's messaging team was struggling to make Microsoft 365 a success. A single comment summarized the many challenges their Firstline workers were facing: "We've run into use cases where we are bumping [...]
A quick update to keep everyone informed on important Microsoft Exchange security updates: April 13, 2021 – Microsoft released new and urgent security updates for Exchange server 2019, 2016, 2013 covering four Remote Code vulnerabilities: […]
Last week we highlighted the exposures that exist with attachments in Outlook Web. This week we look at protecting Outlook Web from Denial of Service and Brute Force Attacks. Depending upon how you have configured Outlook Web Access (OWA) and Active Directory, you will be opening your network up to either brute force attacks or denial of [...]
Microsoft 365 | Exchange Server: Notes From the Field In this edition of notes from the field, we share how a Utility Provider running a Microsoft 365 pilot overcame complaints from field workers about the time required to complete and submit vital health and safety information with fillable Adobe Forms. The challenge came with the [...]
Microsoft 365 | Exchange Server: Notes From the Field In this edition of notes from the field, we share how Firstline Workers at a Global Outsourcing company were struggling to maintain a high level of customer service with Outlook Web after the company migrated to Microsoft 365 and Outlook Web. Microsoft does a great [...]
Microsoft 365 | Exchange Server: Notes From the Field In this edition of notes from the field, we share how a large Healthcare Provider was caught by surprise when they discovered that Microsoft 365 and Outlook Web broke their ability to email vital documents from their Human Resources intranet portal. In this case, the portal [...]
As you are aware, Microsoft released zero-day Security Updates last week for all versions of Exchange Servers.Microsoft has stated it is a critical-level update. It appears that ‘unauthenticated’ executions could occur on Exchange Servers exposing data.The following links summarize steps that your organization can take: […]
Its December & Good news is everywhere – the Holiday season is here, Microsoft just patched all versions of Exchange Servers, Vaccines are approved, and Messageware has officially released Exchange Protocol Guard 3.4, EPG! EPG 3.4 Security for Exchange Servers: This release includes our newest protection: LVA. LVA or Low-Volume Attacks are targeted persistent attacks [...]
