Blog Post

Exchange Team Blog
6 MIN READ

Released: March 2023 Exchange Server Security Updates

The_Exchange_Team's avatar
The_Exchange_Team
Platinum Contributor
Mar 14, 2023
Microsoft has released Security Updates (SUs) for vulnerabilities found in: Exchange Server 2013 Exchange Server 2016 Exchange Server 2019 SUs are available in a self-extracting auto-elev...
Updated May 08, 2023
Version 22.0
announcements
Exchange 2013
exchange 2016
exchange 2019
on premises
security
setup
Dhruva_Kudva's avatar
Dhruva_Kudva
Brass Contributor
Mar 17, 2023

Nino_Bilic When we run the script on a pure on-premises environment by specifying the EWSServerURL property, we receive the error below. Is this related to Extended Protection enablement?

[PS] C:\OutlookCVE>Get-Mailbox -ResultSize Unlimited | .\CVE-2023-23397.ps1 -Environment Onprem -EWSServerURL "https://domain.com/EWS/Exchange.asmx"

cmdlet CVE-2023-23397.ps1 at command pipeline position 2
Supply values for the following parameters:
Credential
CVE-2023-23397 script version 23.03.15.2119
Trying to find Microsoft.Exchange.WebServices.dll in the script folder
Microsoft.Exchange.WebServices.dll was found in the script folder
Unable to connect to EWS endpoint. Please make sure you have enter valid credentials. Inner Exception

The request failed. The remote server returned an error: (401) Unauthorized.