Microsoft has released security updates (SUs) for vulnerabilities found in:
Exchange Server 2013
Exchange Server 2016
Exchange Server 2019
IMPORTANT: Updates are released in a self-extrac...
Updated Aug 11, 2022
Version 8.0
Blog Post
LukasSMSFT
Microsoft
MicrosoftForgemaztah021 it’s always a good practice to install the latest updates for your OS. There is no prerequisite regarding a particular Windows update from Exchange side. However, Windows Extended Protection is a feature which comes with IIS and IIS is a Windows component. Therefore it’s recommended to install the recent Windows Updates.
neilhoward84 SSL Offloading is enabled by default for Outlook Anywhere (OA) and must be disabled. The command looks good. The PowerShell script that we provide will do some prerequisites checks and will not progress if SSL or OA settings are not as expected. It will also show you the command to run to disable SSL offloading. You can simply copy&paste it from there. Enabling Windows Extended Protection can have a huge impact if it’s done wrong or when the prerequisites are not fulfilled. NTLMv1 for example was never designed to work with EP and therefore it simply doesn’t work, Hybrid Agent acts as a Man-in-the-Middle (MitM) and this is what Extended Protection was designed for to actively prevent.
DuRa78 thanks for reporting. This is still under investigation and I hope we have some more information to share soon.