Blog Post

Exchange Team Blog
6 MIN READ

Released: May 2022 Exchange Server Security Updates

The_Exchange_Team's avatar
The_Exchange_Team
Platinum Contributor
May 10, 2022
Microsoft has released security updates (SUs) for vulnerabilities found in: Exchange Server 2013 Exchange Server 2016 Exchange Server 2019 IMPORTANT: Starting with this release of Securit...
Updated May 27, 2022
Version 21.0
announcements
Exchange 2013
exchange 2016
exchange 2019
on premises
security
RalfG1705's avatar
RalfG1705
Copper Contributor
Jun 25, 2022

After installing the SU along with other Windowsupdates on an Exchange 2016 DAG with 2 Members we see a strange behaviour.

Most of all users (but suprisingly not all) get repeatly ask for password, when logging in to webinterface owa and when using activesync. It's proof, that the username password used is correct (I'm expierencing the wrong behaviour too). If users connect to ecp, etherything goes well.

At the moment we cannot determine, which update is the cause, because the exchange SU is a permanent one with no uninstall and the rolled out windows runs into problems when uninstalling and rollsback the uninstall to an installed state.

There seems to be more problems on one of the DAG member server, which cannot do some powershell commands to get states:

 

 

get-owavirtualdirectory -server xxxxx.xxxx.xxxxxxxxxxxx.xxxx 



WARNING: An unexpected error has occurred and a Watson dump is being generated: Retrieving the COM class factory for
remote component with CLSID {2B72133B-3F5B-4602-8952-803546CE3344} from machine xxxxx.xxxx.xxxxxxxxxxxx.xxxx failed
due to the following error: 800706a7 xxxxx.xxxx.xxxxxxxxxxxx.xxxx .
Retrieving the COM class factory for remote component with CLSID {2B72133B-3F5B-4602-8952-803546CE3344} from machine
xxxxx.xxxx.xxxxxxxxxxxx.xxxx failed due to the following error: 800706a7 xxxxx.xxxx.xxxxxxxxxxxx.xxxx .
+ CategoryInfo : NotSpecified: (:) [Get-OwaVirtualDirectory], COMException
+ FullyQualifiedErrorId : System.Runtime.InteropServices.COMException,Microsoft.Exchange.Management.SystemConfigur
ationTasks.GetOwaVirtualDirectory
+ PSComputerName : yyyy.xxxx.xxxxxxxxxxxx.xxxx

 

 

 

This happens, when the powershell command console is connected with the second DAG member (so the requested answer for server xxxx is answered by remote server yyyy). If I force the command console to connect to the local machine, the command will executed

We also cannot see the "wrong username/passwort"-requests the owa-webinterface claimes in according securitylog-entries on DC servers. If I intentionally set awrong password, the securitylog entry will be written.

Anyone with an explanation trial?

 

 

EDIT: Does it make sense to try install CU 23, as we are atm CU22 to try repair the corrupt com component?

Thanks in advance