Thursday, December 12, 2024
HomeCyber Security NewsMicrosoft Re-Releasing Exchange Server Nov 2024 Security Update Fixing Transport Rules

Microsoft Re-Releasing Exchange Server Nov 2024 Security Update Fixing Transport Rules

Published on

SIEM as a Service

Microsoft has re-released the November 2024 Security Update (SU) with enhancements to rectify problems encountered with transport rules.

Originally rolled out on November 12, 2024, as part of its ongoing security update efforts, the initial SU (referred to as Nov 2024 SUv1 with article KB5044062) led to unexpected interruptions in transport rules, impacting certain environments after some time.

The re-released update, labeled as Nov 2024 SUv2, was made available on November 27, 2024, under article KB5049233.

- Advertisement - SIEM as a Service

This update not only resolves the transport rules issue but also introduces improved control over the X-MS-Exchange-P2FromRegexMatch header, enhancing the robustness and reliability of the Exchange Server.

Analyze cyber threats with ANYRUN's powerful sandbox. Black Friday Deals : Get up to 3 Free Licenses.

Steps for Application

Depending on how the initial update was applied and the specific needs of an organization, Microsoft has outlined a clear course of action:

  1. Manual Installation without Transport or DLP Rules: If the original SUv1 was installed manually and your environment does not utilize transport or DLP rules, it is advisable to update to SUv2 to benefit from the enhanced control provided.
  2. Automatic Installation without Transport or DLP Rules: Environments that received the initial SUv1 through Microsoft/Windows Update will automatically receive the updated SUv2 in December 2024.
  3. Uninstalled SUv1 to Address Transport Rules Issue: For those who uninstalled the original SU to address the transport rule issue, immediate installation of SUv2 is recommended to ensure functionality and security.
  4. No Installation of SUv1: If the original SU was never installed, applying SUv2 is necessary to safeguard your system and benefit from the latest updates.

The downloadable links for the re-released update are accessible through the November 2024 SU announcement blog post.

Microsoft also encourages users to consult the initial release blog post for additional necessary actions and recommends running the Exchange Health Checker to determine any further steps needed for maintaining system health.

Through these timely interventions, Microsoft continues to demonstrate its commitment to providing secure and reliable solutions, ensuring that organizations can maintain seamless and secure communications infrastructure.

Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

ConvoC2 – A Red Teamers Tool To Execute Commands on Hacked Hosts Via Microsoft Teams

A stealthy Command-and-Control (C2) infrastructure Red Team tool named ConvoC2 showcases how cyber attackers...

Cleo 0-day Vulnerability Exploited to Deploy Malichus Malware

Cybersecurity researchers have uncovered a sophisticated exploitation campaign involving a zero-day (0-day) vulnerability in...

GitLab Security Update, Patch for Critical Vulnerabilities

GitLab announced the release of critical security patches for its Community Edition (CE) and...

BadRAM Attack Breaches AMD Secure VMs with $10 Device

Researchers have uncovered a vulnerability that allows attackers to compromise AMD's Secure Encrypted Virtualization...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

ConvoC2 – A Red Teamers Tool To Execute Commands on Hacked Hosts Via Microsoft Teams

A stealthy Command-and-Control (C2) infrastructure Red Team tool named ConvoC2 showcases how cyber attackers...

Cleo 0-day Vulnerability Exploited to Deploy Malichus Malware

Cybersecurity researchers have uncovered a sophisticated exploitation campaign involving a zero-day (0-day) vulnerability in...

GitLab Security Update, Patch for Critical Vulnerabilities

GitLab announced the release of critical security patches for its Community Edition (CE) and...