Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs – BleepingComputer
Windows 11 24H2 now also offered to all eligible Windows 10 PCsHundreds of fake Reddit sites push Lumma Stealer malwareStealthy ‘Magic Packet’ malware targets Juniper VPN gatewaysSonicWall warns of SMA1000 RCE flaw exploited in zero-day attacksTalkTalk investigates breach after data for sale on hacking forumPayPal to pay $2 million settlement over 2022 data breachPC slowing down? This CCleaner deal can help clean your deviceZyxel warns of bad signature update causing firewall boot loopsHow to access the Dark Web using the Tor BrowserHow to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11How to use the Windows Registry EditorHow to backup and restore the Windows RegistryHow to start Windows in Safe ModeHow to remove a Trojan, Virus, Worm, or other MalwareHow to show hidden files in Windows 7How to see hidden files in WindowsRemove the Theonlinesearch.com Search RedirectRemove the Smartwebfinder.com Search RedirectHow to remove the PBlock+ adware browser extensionRemove the Toksearches.xyz Search RedirectRemove Security Tool and SecurityTool (Uninstall Guide)How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundoHow to remove Antivirus 2009 (Uninstall Instructions)How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKillerLocky Ransomware Information, Help Guide, and FAQCryptoLocker Ransomware Information Guide and FAQCryptorBit and HowDecrypt Information Guide and FAQCryptoDefense and How_Decrypt Ransomware Information Guide and FAQQualys BrowserCheckSTOPDecrypterAuroraDecrypterFilesLockerDecrypterAdwCleanerComboFixRKillJunkware Removal TooleLearningIT Certification CoursesGear + GadgetsSecurityBest VPNsHow to change IP addressAccess the dark web safelyBest VPN for YouTubeMicrosoft says outdated Exchange servers cannot receive new emergency mitigation definitions because an Office Configuration Service certificate type is being deprecated.Emergency mitigations (also known as EEMS mitigations) are delivered via the Exchange Emergency Mitigation Service(EEMS), introduced three years ago in September 2021.EEMS automatically applies interim mitigations for high-risk (and likely actively exploited) security flaws to secure on-premises Exchange servers against attacks. It detects Exchange Servers vulnerable to known threats and applies interim mitigations until security updates are released.EEMS runs as a Windows service on Exchange Mailbox servers and is automatically installed on servers with the Mailbox role after deploying September 2021 (or later) cumulative updates on Exchange Server 2016 or Exchange Server 2019.However, according to the Exchange Team, EEMS “is not able to contact” the Office Configuration Service (OCS) and download new interim security mitigations on out-of-date servers running Exchange versions older than March 2023, instead triggering “Error, MSExchange Mitigation Service” events.”One of older certificate types in OCS is getting deprecated. A new certificate has already been deployed in OCS, and any server that is updated to any Exchange Server Cumulative Update (CU) or Security Update (SU) newer than March 2023 will continue to be able to check for new EEMS mitigations,” the Exchange Team said today.”If your servers are so much out of date, please update your servers ASAP to secure your email workload and re-enable your Exchange server to check for EEMS rules. It is important to always keep your servers up to date. Running Exchange Server Health Checker will always tell you what you need to do!”The feature was added after state-sponsored and financially motivated hackers exploited ProxyLogon and ProxyShellzero-days, which lacked patches or mitigation information, to breach Exchange servers.In March 2021, at least ten hacking groups exploited ProxyLogon, including a Chinese-sponsored threat group known by Microsoft as Hafnium.Microsoft also urged customers two years ago, in January 2023, to apply the latest supported Cumulative Update (CU) and keep their on-premises Exchange servers patched to ensure they’re always ready to deploy emergency security updates.Microsoft Exchange 2019 has reached end of mainstream supportMicrosoft re-releases Exchange updates after fixing mail deliveryMicrosoft: Exchange 2016 and 2019 reach end of support in OctoberWindows 10 KB5049981 update released with new BYOVD blocklistMicrosoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flawsNot a member yet? Register NowWindows 11 24H2 now also offered to all eligible Windows 10 PCsHacker infects 18,000 “script kiddies” with fake malware builderPowerSchool hacker claims they stole data of 62 million studentsStruggling with Security? Learn how VisionX + Splunk has you coveredPassword health-check overdue? Audit your Active Directory for freeGenerative AI: An MFA Game Changer for Security and Hacker StrategyCriminal IP Teams Up with OnTheHub for Digital Education CybersecurityCriminal IP: Real-Time Phishing Protection for Outlook UsersTerms of Use – Privacy Policy – Ethics Statement – Affiliate DisclosureCopyright @ 2003 – 2025 Bleeping Computer® LLC – All Rights ReservedNot a member yet? Register NowRead our posting guidelinese to learn what content is prohibited.
