Welcome to Q1 2025!

Last year ended quietly with no Exchange Server updates since November. The new year promises to be eventful, with significant changes to Exchange Server and Microsoft Windows. We expect major updates and product launches from Microsoft this year.

While Microsoft delivers these new product updates, Messageware is focused on continuing to protect customers with Microsoft technologies. We’ve launched new versions of our Windows Server Threat Monitoring software (Z-Day) and also our Exchange Server specific Protocol Guard (EPG).

Start the New Year with a cybersecurity plan. Set aside 10 minutes to discover Messageware’s security solutions firsthand. Schedule a short meeting with us at your convenience.

New Version of Messageware’s Exchange Server Guard (EPG)

This EPG release takes proactive steps against a number of recently detected Exchange Server probes. These probes target Exchange Server protocols using an unsupported authentication mechanism. EPG now applies both Low Volume Attack (LVA) and High Volume Attack (HVA) handling, proactively shutting them down at the initial stages. EPG effectively reports and neutralizes potential threats before they escalate into full-scale attacks, providing additional layers of defense for your critical infrastructure.

FEATURED PRODUCT

EPG Guard for Exchange Server

Real-time security stops AD account lockouts, eliminates password attacks, provides intelligent GEO blocking, and prevents vulnerability probing.

ACTIVATE FOR 30 DAYS →

New Version of Messageware’s Server Threat Monitoring (Z-Day)

Recently announced, Z-Day Guard v2.0 is now available and delivers advanced multi-server threat monitoring. The new version simplifies threat detection across multiple servers while maintaining our industry-leading protection against zero-day vulnerabilities.

Enhanced Multi-Server Management

  • Single dashboard provides consolidated health reporting and simplified visibility across all servers, streamlining monitoring of your entire environment

Proactive Security

  • Preconfigured server templates and automated baseline monitoring detect unusual changes, enabling immediate response to potential threats

📢 30 Days Free

Microsoft Releases Exchange 2019 Server CU15

Big News! Microsoft has officially released Cumulative Update 15 (CU15) for Exchange Server 2019, marking a significant milestone as the final update before moving to Exchange SE (Subscription Edition). CU15 (2025 H1) introduces critical enhancements and paves the way for the highly anticipated Exchange Server SE, expected October-2025 as Exchange 2016 and 2019 approach end-of-support. Microsoft is pressing on organizations to upgrade to CU15 promptly, required for in-place transitions to Exchange Server SE.

Exchange Server SE offers:

Enhanced Security and Updates

  • Regular updates including security patches, technical support, and continuous maintenance to ensure secure email infrastructure

Technical Improvements

  • New functionalities including TLS 1.3 support
  • GUI-based certificate management in the Exchange admin center
  • Simplified server upgrade process similar to installing cumulative updates

Licensing and Support

  • Streamlined licensing model aligned with Exchange Online
  • Simplified license management through Software Assurance or subscription models

Outdated Exchange Servers Lose Automatic Vulnerability Protection

Microsoft has issued a critical security alert affecting Exchange servers as of January 2025. The company’s Automatic Mitigation (AutoMitigate) feature has stopped functioning on servers running versions older than March 2023 due to a deprecated Office Configuration Service certificate type. This issue prevents the Exchange Emergency Mitigation Service (EEMS) from receiving new security mitigations, leaving affected servers vulnerable to potential cyberattacks. To restore protection, organizations must update their Exchange servers to a version newer than March 2023, apply the latest Cumulative Update, and verify their configuration using the Exchange Server Health Checker.

Budgeting in the Dark (Exchange SE)

Organizations running Exchange 2016 or 2019 on-premises may face a significant budgeting challenge for 2025. While it has been announced that Exchange 2019 CU15 will seamlessly transition to Exchange SE, Microsoft has not yet announced a pricing structure for the implied subscription-based licensing model. The only confirmed detail is that Exchange SE will follow SharePoint Server SE’s licensing framework, requiring either subscription licenses or software assurance for both server and user licenses. Without specific pricing information, organizations are concerned that they cannot accurately budget or plan for this transition.

Threat Monitoring for Microsoft Servers

Messageware is dedicated to providing the expertise and solutions you need to secure your Microsoft server infrastructure. We understand how difficult it is to navigate evolving cybersecurity challenges and that’s why we encourage you to have a conversation with us about strengthening your Windows Server security. Our comprehensive server threat monitoring solution protects not only Exchange Server, but all Microsoft Windows Servers.

Best regards,

Mark Rotman
President and CEO Messageware Incorporated