SECURITY
SECURITY
SECURITY
Microsoft addresses Exchange bug that blocked emails starting on New Year’s Day
Microsoft Corp. has released an emergency fix for a bug that prevented on-premises Exchange servers from sending emails.
According to a blog post from the Exchange team, the bug struck on Jan. 1 and related to a date-check feature with the change to the year. The team emphasized that it was not a failure of the antivirus engine in Exchange, malware scanning or the malware engine.
It was not a specific security-related issue but an issue with the year becoming 2022. The affected versions, Exchange Server 2016 and Exchange Server 2019, couldn’t handle the new date when checking email against a signature file, causing the malware engine to crash, resulting in messages being stuck in transport queues.
Specifically, the error was caused when Microsoft Exchange checked the version of the FIP-FS antivirus scanning and attempted to store the date as a signed int32 variable. As noted today by Bleeping Computer, the variable can only store a maximum value of 2,201,010,001, which is less than the new date value of 2,202,010,001 for midnight on Jan. 1, 2022.
Converting a formatted date into an i32 is a galaxy brain move I never would've thought of. I'm sure that the source code has a comment somewhere saying "fixme: should be changed at some point"
— 。゚・m(>Д<#)/m/・゚。🏳️🌈 (@dada78641) January 1, 2022
Microsoft has created a solution to address the problem. However, customer action is required to implement the solution.
Using an automated solution, affected customers should download an automated script. Before running the script, they need to change the execution policy for PowerShell scripts by running “Set-ExecutionPolicy -ExecutionPolicy RemoteSigned.” The script should be run on each Exchange mailbox server that downloads anti-malware updates within an organization using elevated Exchange Management Shell. A restart of the Exchange Server is then required for the fix to take effect.
Microsoft also offers a longer manual solution to address the problem. Presumably, a simpler-to-use fix will be rolled out shortly as an update to Exchange 2016 and 2019.
There have been no reports of other software experiencing issues at the beginning of the new year in date handling, but it wouldn’t be surprising if Exchange isn’t alone in experiencing some issues.
Image: Marco Verch/Flickr
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
