Exchange Server November 2024 Security Update

Microsoft, below Exchange Server has released Security Updates (SUs) for vulnerabilities found in versions of:

  • Exchange Server 2019
  • Exchange Server 2016

These updates apply to specific Exchange Server versions:

Exchange Server November 2024 Security Updates address vulnerabilities that have been responsibly reported by Microsoft's security partners and through Microsoft's internal processes. While there is currently no information indicating that these vulnerabilities are actively being exploited, it is recommended that you install these updates immediately to protect your environment.

These vulnerabilities only affect Exchange Server. Exchange Online customers are already protected from the vulnerabilities addressed by these updates, and only Exchange servers or workstations using Exchange Management tools need to be updated.

For specific CVE details on vulnerabilities  Security Update Guide You can browse.

Improvements to Exchange Server AMSI Integration

With the November 2024 Security Update, we expanded the functionality so that products that use Exchange Server AMSI integration can perform additional operations on message bodies. This feature is disabled by default and can be enabled on a per-protocol basis. We recommend that you enable the feature for specific services first, as this can lead to performance issues. Additionally, if you experience any issues after enabling Exchange Server AMSI body scanning, please contact us.

Inappropriate RFC 5322 P2 FROM Header Detection

To address the CVE-2024-49040 vulnerability, a new feature was added to detect P5322 FROM headers in incoming email messages that do not conform to RFC 2 standards. The P2 FROM header is part of the message header displayed in the recipient's email client (for example, Outlook) in an email message. It contains the sender's email address or name (if the sender is internal) that appears in the Sender field when viewing an email in the inbox. For more information, see the documentation.

Improvements to ECC Certificate Support

The November 2024 Security Update improves support for ECC certificates. ECC certificates can now be used on Edge Transport servers and can be connected to POP and IMAP services. There has been a change to how ECC Certificate support is enabled. In the previous version, the feature required the use of “New-SettingOverride” to enable it. With the November 2024 Security Update, this feature can now be enabled by creating a registry value. See the documentation for details.

Exchange Server SU Installation

The following update paths are available:

image
  • Install the latest CU for Exchange Server. You can check the instructions using Exchange Update Wizard to select your current CU and target CU
  • Check for updates by inventorying your Exchange servers. Exchange Server Health Checker You can check the need for updates (CU, SU or manual operations) by running the script.
  • https://cengizyilmaz.net/exchange-server-health-check/
  • After installing an SU, run the Health Checker again to see if any additional action is needed.
  • If you encounter errors during or after Exchange Server installation, run the SetupAssist script. If you experience any issues after updates, refer to the instructions for repairing failed installations in Exchange Cumulative and Security Updates.

Frequently Asked Questions

Our organization is in Hybrid mode with Exchange Online. Do we need to do anything?

Exchange Online is already protected, but this SU must be installed on your Exchange servers, even if they are used for administrative purposes only. If you change the authentication certificate after installing an SU, you must rerun the Hybrid Configuration Wizard.

The last SU we installed is several months old. Do we need to install all SUs to install the latest update?

SUs are cumulative. If you are using a CU supported by SU, you do not need to install all SUs in order; just install the latest SU. For more information, see this blog post.

Do we need to install SU on all Exchange servers in our organization? Or just the machines running Administrative Tools?

To ensure compatibility, we recommend that you install SU on all your Exchange servers and on servers and workstations running Exchange Management Tools. If you want to update Exchange Management Tools in an environment without a running Exchange server, you can find information about this here.

Note: Some documents may not be fully available as of the date of publication. This post may receive updates in the future; if available, they will be listed here.


Similar Articles – Exchange Server November 2024 Security Update

One comment on “Exchange Server November 2024 Security Update”

Comment