Microsoft has re-released the November 2024 safety updates for Trade Server after pulling them earlier this month attributable to e mail supply points on servers utilizing customized mail movement guidelines.
The corporate introduced it pulled the updates from the Obtain Heart and Home windows Replace following widespread stories from admins that e mail had stopped flowing of their organizations.
This identified challenge impacts these clients who use transport (mail movement) guidelines or knowledge loss safety (DLP) guidelines, which is able to cease periodically after putting in the November Trade Server 2016 and Trade Server 2019 safety updates.
Right now, the Trade Workforce suggested admins who put in the unique November 2024 SU (Nov 2024 SUv1) to deploy the re-released November 2024 SU (Nov 2024 SUv2) that resolves the mail supply points in affected environments.
The corporate additionally shared the next desk, which offers detailed info on the actions admins should take primarily based on their atmosphere.
|
If Nov 2024 SUv1…
|
Then…
|
|
was put in manually, and you don’t use any transport or DLP guidelines,
|
it is suggested to put in the Nov 2024 SUv2 to realize extra granular management over the X-MS-Trade-P2FromRegexMatch header.
|
|
was put in utilizing Microsoft / Home windows replace and you don’t use any transport or DLP guidelines,
|
in December 2024, the server will obtain and set up the Nov 2024 SUv2.
|
|
was put in (manually or routinely) after which uninstalled to repair the difficulty with transport guidelines,
|
set up the re-released Nov 2024 SUv2.
|
|
was by no means put in,
|
set up the re-released Nov 2024 SUv2.
|
Microsoft additionally advises admins to at all times run the Trade Well being Checker script after putting in safety updates to detect frequent configuration points identified to trigger efficiency points and see if further steps is perhaps wanted.
“Servers that get automated updates from Home windows Replace will see the Nov 2024 SUv2 out there,” the corporate added on Tuesday.
“Please word that now we have delayed the discharge of the Nov 2024 SUv2 to Microsoft / Home windows Replace till December to forestall servers from routinely putting in the Nov 2024 SUv2 over the US Thanksgiving vacation.”
The Nov 2024 SUv2 package deal additionally provides extra granular management for “Non-RFC compliant P2 FROM header detection” designed so as to add warnings to malicious emails suspected of exploiting a high-severity Trade Server vulnerability (CVE-2024-49040) that may let attackers forge reputable senders to make malicious messages much more efficient.
Redmond says CVE-2024-49040 exploitation detection and e mail warnings shall be enabled by default on all servers the place admins toggle on safe by default settings.