I can confirm:
After applying KB5022143 and activating the certificate signing of PowerShell serialization payload feature on two of six EX2016CU23 (with all previously released SU installed) DAG members on WinServer2016 (1607 Build 14393.5582), the Queue Viewer won't work and the cmdlet "Get-ExchangeCertificate" returns only blank lines.
Installation procedure
- Put DAG member in maintenance mode,
- clearing reboot directly after this,
- after relogin disabled AV,
- opened administrative cmd,
- executed Exchange2016-KB5022143-x64-de.exe (which has been proven as valid download by filehash from csv-file provided, thanks very much for this),
- after reboot/relogin executed the three commands in elevated Exchange shell from https://support.microsoft.com/en-us/topic/certificate-signing-of-powershell-serialization-payload-in-exchange-server-90fbf219-b0dd-4b2c-8a68-9d73b3309eb1 - not deactivating maintenance mode
Failure Queue Viewer
- first start of Toolbox and Queue Viewer successful, showing only one queue because maintenance mode is still on and queues are not ready
- after a few minutes an error message is displayed (screenshot and message text can be provided), beginning "The process 'mmc' (PID = 21488) has been initialized as Unknown Multiple instance type un-expectedly.
- from then on, when the Toolbox is started, an MMC snap-in error is displayed (screenshot can be provided), beginning "Deserialization fails: System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.InvalidOperationException: The process 'mmc' (PID = 17176) has been initialized as Unknown Multiple instance type un-expectedly.
Reasons of this exception: 1. For any product executables, which will be shipped out of box, they should never use AD driver functionality without initializing its performance counter instance since we can NOT show a intuitive Perf Counter instance name here.
2. We don't need the validation for test assembly because we don't care for its performance counter naming; however, we definitely want to make sure it is under our control, so that we don't miss any out of box product DLLs/EXEs."
Get-ExchangeCertificate not showing the certs when called from non-elevated Exchange shell
Command returned blank lines (while executed in an elevated shell it returns the correct certs):
"Thumbprint Services Subject
---------- -------- -------
"