Exchange
Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs
Microsoft says outdated Exchange servers cannot receive new emergency mitigation definitions because an Office Configuration Service certificate type is being deprecated. Emergency mitigations (also known as EEMS mitigations) are delivered via the Exchange Emergency Mitigation Service(EEMS), introduced three years ago in September 2021. EEMS automatically applies interim mitigations for high-risk (and likely actively exploited) security flaws […]
Microsoft: Exchange 2016 and 2019 reach end of support in October
Microsoft has reminded admins that Exchange 2016 and Exchange 2019 will reach the end of extended support in October and shared guidance for those who need to decommission outdated servers. Exchange 2016 reached its mainstream end date in October 2020, while Exchange 2019 reached the end of mainstream support on January 9, 2024. “On October 14, 2025, 9 months […]
Eagerbee backdoor deployed against Middle Eastern govt orgs, ISPs
New variants of the Eagerbee malware framework are being deployed against government organizations and internet service providers (ISPs) in the Middle East. Previously, the malware was seen in attacks conducted by Chinese state-backed threat actors who Sophos tracked as ‘Crimson Palace.’ According to a new report by Kaspersky researchers, there’s a potential connection to a threat group they […]
Microsoft pulls Exchange security updates over mail delivery issues
Microsoft has pulled the November 2024 Exchange security updates released during this month’s Patch Tuesday because of email delivery issues on servers using custom mail flow rules. The company announced it pulled the updates from Windows Update and the Download Center following widespread reports from admins saying that email had stopped flowing altogether. This issue affects customers using transport rules (also known […]