Exchange Server 2013 End of Support Reminder

This article is contributed. See the original author and article here.

Just a reminder that Exchange Server 2013 reaches End of Support on April 11, 2023.  That’s a little more than 9 months from now. After that date, Microsoft will no longer provide:



  • Technical support for problems that may occur

  • Bug fixes for issues that are discovered and that may impact the stability and usability of the server

  • Security fixes for vulnerabilities that are discovered and that may make the server vulnerable to security breaches

  • Time zone updates


Exchange Server 2013 will continue to run after this date, of course; however, due to the risks listed above, we strongly recommend that you migrate from Exchange Server 2013 as soon as possible. If you haven’t already begun your migration from Exchange Server 2013 to Exchange Online or Exchange Server 2019, now’s the time to start planning.


In order to stay supported you can:



If you are upgrading to Exchange Server 2019, learn about what you need in your environment.


 


If you’re migrating to Exchange Online, you might be eligible to use our Microsoft FastTrack service. FastTrack provides best practices, tools, and resources to make your migration to Exchange Online as seamless as possible. Best of all, you’ll have a support engineer walk you through from planning and design to migrating your last mailbox. For more information about FastTrack, see Microsoft FastTrack.


 


For more information on what this means and what your options are, see Exchange 2013 end of support roadmap.


 


–The Exchange Team

MTC Weekly Roundup – June 24

MTC Weekly Roundup – June 24

This article is contributed. See the original author and article here.

Hello MTC-ers and welcome to the first Weekly Roundup of summer! Hope everyone is staying cool, at least in the Northern hemisphere anyways.


 


MTC Moments of the Week


 


This week we had an AMA with the Windows 365 team, featuring @Tristan Scott , @Scott Manchester , @Christiaan_Brinkhoff , and @Philip_Gerity  and moderated by @Heather Poulsen  One good question came from @Todd Godchaux around the game plan to make migrating GPOs to CSPs easier.


 


We also had a new blog post from @Martin Nothnagel  about new capabilities for Servicing profiles that customers have been asking for. Make sure to check it out!


 


This week, we had a good question from @abo999 around Microsoft Project and how to display start/finish times in two different time zones, and @John-project  came to the rescue with the right formula.


 


Unanswered Questions – Can you help them out?


 


@JuanRojas01 is having trouble getting users’ changed PC password to sync to Outlook. Has anyone run into this before?


 


Meanwhile @Anthony-123  wants to know if there is a way to change SharePoint’s… ahem… inconvenient way of displaying numerical file names:


Justin_Ong_0-1656000899622.png


 


 


 


Next Week


 


June 22 – AMA: Microsoft Defender for Identity

Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

This article is contributed. See the original author and article here.

 CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon® and Unified Access Gateway (UAG) servers to obtain initial access to organizations that did not apply available patches. The CSA provides information—including tactics, techniques, and procedures and indicators of compromise—derived from two related incident response engagements and malware analysis of samples discovered on the victims’ networks.

CISA and CGCYBER encourage users and administrators to update all affected VMware Horizon and UAG systems to the latest versions. If updates or workarounds were not promptly applied following VMware’s release of updates for Log4Shell, treat all affected VMware systems as compromised. See joint CSA Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems for more information and additional recommendations.
 

New identity security posture assessment: Unsecure domain configurations

New identity security posture assessment: Unsecure domain configurations

This article is contributed. See the original author and article here.

“The tyranny of the default” has been a phrase that has worried many a security professional over the years; the constant struggle to make sure their systems are configured for optimal security, which often requires them to examine each feature individually.


 


To help security teams keep on top of monitoring where these configurations are, we are happy to report that we are adding a new identity-based security assessment called “Unsecure domain configurations” to the growing list of Microsoft Defender for Identity posture assessments.


 


Why are we adding this assessment?


Configuring Active directory optimal security has always been top of mind for the Microsoft Defender for Identity team and its research them, recent attacks, such as KrbRelayUp, had repeatedly shown us how certain, often default, settings can be used against their intended purpose and result in an identity compromise.


 


What configurations are we evaluating first?


We will be evaluating two distinct configurations as part of this assessment



  • Set ms-DS-MachineAccountQuota to “0” – Limiting the ability of non-privileged users to register devices in domain.

    • You can learn more about this particular property and how it affects device registration here

    • This evaluation will be available from launch, today.



  • Enforce LDAP Signing policy to “Require signing” – Unsigned network traffic is susceptible to man-in-the-middle attacks

    • This evaluation will be available in the next two weeks




This new assessment is part of our existing effort to secure your identity infrastructure alongside existing assessments such as the recommendation to disable the print spooler service on domain controllers


 


How do I use this security assessment?



  1. This new security assessment will be part of Microsoft Defender for identity list of improvement actions under Secure Score, you can click on the assessment and evaluate the list of affected domains and their configurations.


If you have the appropriate permissions to view the identity posture assessments, you can directly access this assessment on your tenant using this link.


 


ISPM1.jpg


 


 



  1. Take appropriate action on the affected domain, you can learn more here


 


We are working on adding more configurations to this Defender for Identity security posture assessments to help customers proactively secure their environments from exploitation, stay tuned!


For more information about Identity Security Posture assessments and Microsoft secure score, see



 


Or Tsemah, Senior Product Manager, Microsoft Defender for Identity.