Forum Discussion

ramki1465's avatar
ramki1465
Brass Contributor
Jan 17, 2023

Security Vulnerability for exchange server 2016 - Healthcheck.ps1

Hello All 

 

Currently my exchangeserver 2016 running on CU 23 with Jan 2023 SU , whenevr i run the .\healthchecker.PS1 script. it showing the below are 

 

Security Vulnerability
----------------------
IIS module anomalies detected: False
Security Vulnerability: Download Domains are not configured. You should configure them to be protected against CVE-2021-1730.
Configuration instructions: https://aka.ms/HC-DownloadDomains

 

THIS IS CAN BE IGNORED, since i dont have external certificate with SAN name download.domain.xyz

=====


Security Vulnerability: CVE-2022-24516, CVE-2022-21979, CVE-2022-21980, CVE-2022-24477, CVE-2022-30134
Extended Protection isn't configured as expected

 

CVE-2022-24516, CVE-2022-21979 - i have installed it , howver it keeps coming the script report, 

 

Since am running with latest CU , will this be ignored? Please suggest

Resources