Forum Discussion
Security Vulnerability for exchange server 2016 - Healthcheck.ps1
Hello All
Currently my exchangeserver 2016 running on CU 23 with Jan 2023 SU , whenevr i run the .\healthchecker.PS1 script. it showing the below are
Security Vulnerability
----------------------
IIS module anomalies detected: False
Security Vulnerability: Download Domains are not configured. You should configure them to be protected against CVE-2021-1730.
Configuration instructions: https://aka.ms/HC-DownloadDomains
THIS IS CAN BE IGNORED, since i dont have external certificate with SAN name download.domain.xyz
=====
Security Vulnerability: CVE-2022-24516, CVE-2022-21979, CVE-2022-21980, CVE-2022-24477, CVE-2022-30134
Extended Protection isn't configured as expected
CVE-2022-24516, CVE-2022-21979 - i have installed it , howver it keeps coming the script report,
Since am running with latest CU , will this be ignored? Please suggest
- You need to enable Extended Protection: https://microsoft.github.io/CSS-Exchange/Security/Extended-Protection/
Check the link above for exceptions. Once you enable EP, download the latest Health checker script and run it. You should not see that message again.
- Dhruva_KudvaBrass ContributorYou need to enable Extended Protection: https://microsoft.github.io/CSS-Exchange/Security/Extended-Protection/
Check the link above for exceptions. Once you enable EP, download the latest Health checker script and run it. You should not see that message again.- ramki1465Brass ContributorThanks @Dhruva. Let me update