Microsoft this week again appealed to organizations using Exchange Online to move away from using "Basic Authentication," reminding them that support for it will get dropped, starting on Oct. 1, 2022.
Microsoft on Wednesday announced the release of its latest cumulative updates (CUs) for Exchange Server 2016 and Exchange Server 2019, while also outlining a coming CU release-cycle change from quarterly to biannual releases.
Exchange Online users soon will be getting some security enhancements that will enforce the use of Transport Layer Security (TLS) encryption for e-mails and ward off so-called "man-in-the-middle" attacks.
Improvements to the Microsoft Exchange Emergency Mitigation service are under consideration, Microsoft's Exchange team announced on Friday.
Organizations using Exchange Server will get a new automated emergency mitigation tool after installing Microsoft's September cumulative updates.
This week brings Exchange Online news regarding Basic Authentication, plus a September cumulative update delay for Exchange Server.
The Exchange team at Microsoft posted an announcement on Wednesday acknowledging "ProxyShell" threats and urging organizations to keep Exchange Server up to date with the latest cumulative updates and security updates.
Security researchers are seeing the appearance of LockFile ransomware deployments after attackers gained access to Exchange Server via a so-called "ProxyShell" vulnerability.
Recent scanning for a "Critical" remote code execution vulnerability (CVE-2021-34473) in Exchange Server, dubbed "ProxyShell," has been detected by security researchers.
The Biden administration released a statement on Monday naming the People's Republic of China as responsible for widespread cyberattacks that notably targeted Exchange Server users.
Microsoft on Wednesday announced another update on its plans to end the use of Basic Authentication with the Exchange Online e-mail messaging service.
Microsoft on Friday announced a coming delay in delivering this month's Exchange Server cumulative update (CU), which is being done to improve the security of those e-mail messaging products.
Just four CVEs were described as "Critical" in severity. Also included in the May bunch were patches for 50 "Important" vulnerabilities, plus one deemed "Moderate."
Microsoft this week announced the "general availability" commercial release of the "new" Exchange Admin Center management portal, a browser-based means for managing Exchange Online environments.
The U.S. Federal Bureau of Investigation (FBI) has deleted Webshells on Hafnium-compromised Exchange Server installations across the country, and is now sending notices to victim organizations, according to a Tuesday announcement.