We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.
Customize Consent Preferences
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ...
Always Active
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
No cookies to display.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.
No cookies to display.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
No cookies to display.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
No cookies to display.
Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.
Microsoft users had a tough time to send or load attachments to emails when using Outlook, were unable to connect to the server, and in some cases could not log into their accounts.
Microsoft Exchange Online is a platform for business communication that has a mail server and cloud apps for email, contacts, and calendars.
Microsoft mitigated the issue after identification were able to determine the cause of the outages and is rolling out a fix for the issue. That rollout is gradual, however, as outage reports continue to come in at DownDetector.
Impact
The outage left many users unable to communicate with colleagues, particularly as it coincided with the start of the workday in Europe. Frustration quickly spread across social media, with users reporting issues accessing emails and participating in Teams calls
Re-release of November 2024 Exchange Server Security Updates
Summary
OEM
Microsoft
Severity
High
Date of Announcement
27/11/2024
Product
Microsoft Exchange Server
CVE ID
CVE-2024-49040
CVSS Score
7.5
Exploited in Wild
No
Patch/Remediation Available
Yes
Advisory Version
1.0
Overview
On November 27, 2024, Microsoft re-released the November 2024 Security Updates (SUs) for Exchange Server to resolve an issue introduced in the initial release on November 12, 2024. The original update (SUv1) caused Exchange Server transport rules to intermittently stop functioning, particularly in environments using transport or Data Loss Protection (DLP) rules. The updated version (SUv2) addresses this issue.
Table of Actions for Admins:
Scenario
Action Required
SUv1 installed manually, and transport/DLP rules are not used
Install SUv2 to regain control over the X-MS-Exchange-P2FromRegexMatch header.
SUv1 installed via Windows/Microsoft Update, no transport/DLP rules used
No immediate action needed; SUv2 will be installed automatically in December 2024.
SUv1 installed and then uninstalled due to transport rule issues
Install SUv2 immediately.
SUv1 never installed
Install SUv2 immediately.
Remediation Steps
1.Immediate Actions
Use the Health Checker script to inventory your Exchange Servers and assess update needs.
Install the latest Cumulative Update (CU) followed by the November 2024 SUv2.
2.Monitor System Performance
After enabling AMSI integration for message bodies, monitor for any performance issues such as delays in mail flow or server responsiveness.
3.Run SetupAssist Script for Issues
Use the SetupAssist script to troubleshoot issues with failed installations or update issues, and check logs for specific error details.