November 27, 2024 at 05:39PM
Microsoft has re-released the November 2024 security updates for Exchange Server after resolving email delivery issues caused by the initial updates. Admins are advised to install the new version (Nov 2024 SUv2) for improved control and security. Automatic updates will be delayed until December to avoid disruption during Thanksgiving.
### Meeting Takeaways:
1. **Re-release of Security Updates**: Microsoft has re-released the November 2024 security updates for Exchange Server (Nov 2024 SUv2) after previously pulling them due to email delivery issues for servers using custom mail flow rules.
2. **Issue Acknowledged**: The original updates (Nov 2024 SUv1) caused email delivery interruptions for organizations using transport (mail flow) rules or data loss protection (DLP) rules.
3. **Action Required for Admins**:
– If Nov 2024 SUv1 was manually installed and no transport or DLP rules are used:
– **Action**: Install Nov 2024 SUv2 for better control over email headers.
– If Nov 2024 SUv1 was installed via Windows Update and no transport or DLP rules are used:
– **Action**: The server will automatically install Nov 2024 SUv2 in December 2024.
– If Nov 2024 SUv1 was uninstalled:
– **Action**: Reinstall Nov 2024 SUv2.
– If Nov 2024 SUv1 was never installed:
– **Action**: Directly install Nov 2024 SUv2.
4. **Health Checker Script**: Admins are advised to run the Exchange Health Checker script after installing security updates to identify configuration issues that may affect performance.
5. **Update Rollout Timing**:
– Automatic updates to Nov 2024 SUv2 will be available for servers receiving updates through Windows Update.
– The rollout has been delayed until December to avoid interference over the US Thanksgiving holiday.
6. **Enhancements in SUv2**: The Nov 2024 SUv2 includes improved control for detecting non-compliant P2 FROM headers, which adds warnings to potentially malicious emails. This feature is designed to address a severe vulnerability (CVE-2024-49040) that could enable attackers to forge sender addresses.
7. **Default Settings**: Detection of CVE-2024-49040 exploitation and email warnings will be enabled by default when secure settings are activated by admins.
### Next Steps for Participants:
– Ensure installation of SUv2 as per the outlined conditions.
– Run the Exchange Health Checker post-installation.
– Familiarize with the enhancements provided in the SUv2 update for better security management.