Trusted by more than 2500 companies with over 5 million users

Moving to Microsoft Exchange SE (decommissioning 2013 and 2016)

Microsoft has announced significant changes to the Exchange Server roadmap, introducing Exchange Server Subscription Edition (SE) as the next major release. This update brings important implications for organizations currently running Exchange Server 2013 and 2016. Key Points Exchange Server SE will be available for download in early Q3 2025. Exchange 2013 and 2016 will no [...]

Moving to Microsoft Exchange SE (decommissioning 2013 and 2016)2024-10-29T05:50:22-04:00

Messageware Z-Day Guard v1.5 Expands MDR Security to Azure, Exchange, and Windows Servers

TORONTO - Sept. 12, 2024 - PRLog -- Messageware Incorporated, a leader in cybersecurity solutions, announced a new version of Z-Day Guard, their advanced server security product. This update significantly broadens Z-Day Guard's protection to all Microsoft Windows Server platforms. "We've taken our extensive industry expertise and comprehensive understanding of server security to extend our protection capabilities," said Mark Rotman, President [...]

Messageware Z-Day Guard v1.5 Expands MDR Security to Azure, Exchange, and Windows Servers2024-09-13T07:45:58-04:00

Another Global Outage Disrupts Microsoft 365 and Azure Services

Microsoft 365 and Azure services experienced a significant global outage on July 30, 2024, affecting millions of users worldwide. Microsoft has confirmed that the nine-hour outage which disrupted multiple Microsoft 365 and Azure services worldwide, was caused by a distributed denial-of-service (DDoS) attack. The outage impacted critical services including Microsoft Entra, some Microsoft 365 and [...]

Another Global Outage Disrupts Microsoft 365 and Azure Services2024-08-01T10:20:12-04:00

Microsoft 365 and CrowdStrike Outages Cause Global Disruptions

Follow this link for an updated and comprehensive analysis of the CrowdStrike Outage. A series of unprecedented IT outages has sent shockwaves through businesses and public services worldwide, highlighting the vulnerabilities of our interconnected digital systems. The disruptions stemmed from two separate incidents: a major Microsoft 365 service outage and a botched update of CrowdStrike's [...]

Microsoft 365 and CrowdStrike Outages Cause Global Disruptions2024-10-29T05:45:11-04:00

Messageware Newsletter H1 2024

With the first half of 2024 behind us, it's clear that companies are continuing to prioritize cybersecurity projects to strengthen defenses and enhance operations. In this newsletter, I wanted to share exciting cybersecurity updates from Messageware, as well as important industry news. Z-Day Guard cybersecurity solution New Version Available: We are excited to announce that [...]

Messageware Newsletter H1 20242024-07-16T09:35:24-04:00

Keylogger Discovered Stealing Login Credentials from Microsoft Exchange Servers Worldwide

A sophisticated keylogger has been found embedded in the main login page of Microsoft Exchange Servers, stealing account credentials from unsuspecting users. The malicious code was discovered by Positive Technologies' Expert Security Centre (PT ESC) during an incident response operation. The keylogger records usernames and passwords entered on the Exchange login page and stores them [...]

Keylogger Discovered Stealing Login Credentials from Microsoft Exchange Servers Worldwide2024-07-12T02:46:34-04:00

Exchange Server Roadmap Update

Great news! Microsoft has announced exciting developments for the future of on-premises Exchange with the introduction of Exchange Server SE set to launch early in Q3 of 2025. This new subscription edition (SE) will arrive just as support for Exchange Server 2019 concludes on October 14, 2025. Administrators should note the tight timeline for transition [...]

Exchange Server Roadmap Update2024-05-22T09:20:55-04:00

Released: April 2024 Exchange Server Hotfix Updates

Microsoft has released Hotfix Updates (HUs) that enable support for new functionality and address issues in the March 2024 Security Update (SU). The April 2024 HU is available for the following builds of Exchange Server: Exchange Server 2019 CU13 and CU14 Exchange Server 2016 CU23 New Features The April 2024 HU introduce support for elliptic curve cryptography (ECC) certificates and [...]

Released: April 2024 Exchange Server Hotfix Updates2024-05-23T07:51:13-04:00

Microsoft’s Security Failures: A Wake-Up Call for the Tech Industry

In the summer of 2023, Microsoft faced a major cybersecurity crisis when Chinese state-sponsored hackers managed to breach the email accounts of several U.S. government officials and organizations through Microsoft's Exchange Online software. The incident, which affected over 500 individuals and 22 organizations, has been described as a "cascade of security failures" by the U.S. [...]

Microsoft’s Security Failures: A Wake-Up Call for the Tech Industry2024-04-04T07:44:16-04:00

New Windows Server Updates Causing Domain Controller Crashes and Reboots

If you're a Windows administrator, you might want to hold off on installing the latest March 2024 Windows Server updates. Widespread reports have surfaced of domain controllers crashing and restarting after applying these updates, causing headaches for IT professionals and disruptions for businesses. The Culprit: LSASS Memory Leak The root of the problem appears to [...]

New Windows Server Updates Causing Domain Controller Crashes and Reboots2024-03-25T10:05:22-04:00

Microsoft March 2024 Patch Tuesday: Exchange Server Security Updates

Description of Security Update 5 for Exchange Server 2019: March 12, 2024 (KB5036402) The March 2024 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. Although we are not aware of any active exploits in the wild, our recommendation is to immediately install these updates to protect your [...]

Microsoft March 2024 Patch Tuesday: Exchange Server Security Updates2024-03-13T04:32:39-04:00

New Zero-day Vulnerability Could Impact 97,000 Microsoft Exchange Servers

Tens of thousands of Microsoft Exchange servers worldwide could be vulnerable to a recently disclosed zero-day privilege escalation vulnerability that is already being actively exploited by threat actors. The vulnerability, tracked as CVE-2024-21410, allows a remote, unauthenticated attacker to relay a user's Windows NT LAN Manager (NTLM) credentials or "hashes" to impersonate legitimate users on [...]

New Zero-day Vulnerability Could Impact 97,000 Microsoft Exchange Servers2024-02-21T13:07:36-05:00

Microsoft February 2024 Patch Tuesday: Exchange Server Security Updates

2024 H1 Cumulative Update for Exchange Server Microsoft announced the availability of the 2024 H1 Cumulative Update (CU) for Exchange Server 2019 (aka CU14). CU14 includes fixes for customer reported issues, a security change, and all previously released Security Updates (SUs). FEATURED PRODUCT Z-Day Guard for Servers Next generation threat hunting for zero-day attacks on [...]

Microsoft February 2024 Patch Tuesday: Exchange Server Security Updates2024-10-29T05:47:04-04:00

Microsoft 365, Exchange Online impacted by ActiveSync issues

Feb 13, 2024, users connecting to Exchange Online with the latest version of Outlook Desktop are being impacted, as reported today by Petri and Windows Report news sites. The issue has been occurring since early February and is under investigation by Microsoft. The ActiveSync issues are specific to those with 365 Exchange Online, and those [...]

Microsoft 365, Exchange Online impacted by ActiveSync issues2024-02-13T12:54:25-05:00

CVE-2024-21410 Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2024-21410 is a critical vulnerability in Microsoft Exchange Server, presenting an elevation of privilege. It has a CVSS score of 9.8. This vulnerability enables attackers to execute authentication relay attacks by misusing the Net-NTLMv2 protocol. Vendor: Microsoft Product: Microsoft Exchange Server Vulnerability Type: Elevation of Privilege Base CVSS Score: 9.8 (Critical) Follow this link for [...]

CVE-2024-21410 Microsoft Exchange Server Elevation of Privilege Vulnerability2025-06-05T09:47:26-04:00

Russian Hackers Breach Microsoft, Stealing Sensitive Emails

On January 19th, Microsoft disclosed that a group of Russian state-sponsored hackers, known as Nobelium or Midnight Blizzard, infiltrated its corporate systems and accessed sensitive emails from members of its leadership team. New details have now emerged explaining how the attackers gained entry and what they were after. The initial breach occurred in late November [...]

Russian Hackers Breach Microsoft, Stealing Sensitive Emails2024-02-21T12:54:27-05:00

October 2023: Changes to Exchange Online

October has been a busy month of changes for Exchange Online users. This article summarizes recent updates and announcements from Microsoft on the Exchange Team Blog. 1) Farewell to Remote PowerShell in Exchange Online Earlier this year, Microsoft officially depreciated the Remote PowerShell Protocol (RPS) in Exchange Online. This month, RPS is no longer available [...]

October 2023: Changes to Exchange Online2023-10-18T18:08:53-04:00

Milestone Achievement: Messageware Software in 55 Countries

Great news - Messageware has reached a significant milestone in its journey. Our software is now used in an impressive 55 countries worldwide! Our dedicated team of experts continuously improve our Microsoft Exchange Server security software to stay ahead of ever-evolving cyber threats. We’re proud of our growing client base: 2500+ enterprises in all industries; [...]

Milestone Achievement: Messageware Software in 55 Countries2023-08-10T16:12:12-04:00

Microsoft Exchange ProxyNotShell Vulnerability Explained and How to Mitigate It

ProxyShell and ProxyLogon are two high severity exploits against Microsoft Exchange Servers discovered in 2021. Both vulnerabilities enable threat actors to perform remote code execution on vulnerable systems. A year later, another easily exploitable vulnerability named ProxyNotShell is threatening unpatched Exchange Servers. Here's a great article we recommend you read: Microsoft Exchange ProxyNotShell vulnerability explained [...]

Microsoft Exchange ProxyNotShell Vulnerability Explained and How to Mitigate It2022-12-19T07:41:19-05:00

CVE-2022-41082 Microsoft Exchange Server Remote Code Execution Vulnerability

Advisory Release CVE-2022-41082 was publicly disclosed by Microsoft on September 30, 2022, after being identified as part of an active exploitation campaign targeting Microsoft Exchange servers. The vulnerability was included in CISA’s Known Exploited Vulnerabilities (KEV) catalog on the same day, underscoring its significance and the urgency for remediation. Key Details CVE-2022-41082 is a remote [...]

CVE-2022-41082 Microsoft Exchange Server Remote Code Execution Vulnerability2025-05-13T08:04:52-04:00