Emails from outdated or unpatched Exchange Servers will be blocked

If you don’t update, you won’t be able to send out emails anymore

2 min. read

Published onMay 9, 2023

published onMay 9, 2023

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Key notes

We know that you are aware of the fact that there are several instances in the recent past where Exchange Servers were under attack.

We’ve covered cases in which vulnerabilities have been exploited in order to extract information or sums of money from unsuspecting victims.

You can check some of the fixes applied through thelast Patch Tuesday rolloutand see what you have to worry about and what not to worry about.

Some of the above-mentioned scenarios include the Hivewindows.exeransomware case from 2022, followed by a couple of 0-day attacks later in the year, among others.

The situation is about to change pretty soon, as Microsoft is planning on taking some extra security measures.

Microsoft is tightening the security belt around its products

In order to improve security, earlier this year, Microsoft recommended removing certain objects from the exclusion list. This followed January’s update which improved PowerShell payload security.

Today, however, Microsoft has updated a Tech Communityblog postwhere it has shared details on how it is protecting against unsupported, unpatched Exchange Servers.

These server versions are the most vulnerable category since they no longer receive updates, including those for security.

The Redmond tech giant says that it is enabling a transport-based enforcement system (TES) in Exchange Online.

And, in case you are wondering how transport-based enforcement systems function, it will basically help to throttle or delay emails from unpatched servers until they are remediated.

In case there is no upgrade to the vulnerable server, the email flow will consequently be blocked, to avoid future problems.

Thus, to efficiently address this problem, Microsoft is enabling a transport-based enforcement system in Exchange Online that has three primary functions: reporting, throttling, and blocking.

Keep in mind that the system was designed to alert an admin about unsupported or unpatched Exchange servers in their on-premises environment that need remediation (upgrading or patching).

Furthermore, it also has throttling and blocking capabilities, so if a server is not remediated, mail flow from that server will be throttled (delayed) and eventually blocked.

Microsoft doesn’t want to delay or block legitimate emails, but it does want to reduce the risk of malicious emails entering Exchange Online by putting in place safeguards and standards for email entering our cloud service.

Remember to share your thoughts and opinions with us in the dedicated comments section located right below.

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low#

Copilot in Outlook will generate personalized themes for you to customize the app#

Microsoft will raise the price of its 365 Suite to include AI capabilities#

Death Stranding Director’s Cut is now Xbox X|S at a huge discount#

Outlook will let users create custom account icons so they can tell their accounts apart easier#

Emails from outdated or unpatched Exchange Servers will be blocked#

Microsoft is tightening the security belt around its products#

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Emails from outdated or unpatched Exchange Servers will be blocked

Microsoft is tightening the security belt around its products