Emails from outdated or unpatched Exchange Servers will be blocked

If you don't update, you won't be able to send out emails anymore

by Alexandru Poloboc
Alexandru Poloboc
Alexandru Poloboc
News Editor
With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor,... read more
Affiliate Disclosure
  • Not updating or upgrading can seem comfortable, but it's not at all recommended.
  • Microsoft will now protect against unsupported, unpatched Exchange Servers.
  • If you haven't upgraded to a newer version, your emails will be immediately blocked.
exchange
XINSTALL BY CLICKING THE DOWNLOAD FILE
A message from our partner

To fix Windows PC system issues, you will need a dedicated tool

  • Download Fortect and install it on your PC
  • Start the tool's scanning process to look for corrupt files that are the source of your problem
  • Right-click on Start Repair so the tool could start the fixing algorythm
Download from Fortect.com Fortect has been downloaded by 0 readers this month, rated 4.4 on TrustPilot

We know that you are aware of the fact that there are several instances in the recent past where Exchange Servers were under attack.

We’ve covered cases in which vulnerabilities have been exploited in order to extract information or sums of money from unsuspecting victims.

You can check some of the fixes applied through the last Patch Tuesday rollout and see what you have to worry about and what not to worry about.

Some of the above-mentioned scenarios include the Hive windows.exe ransomware case from 2022, followed by a couple of 0-day attacks later in the year, among others.

The situation is about to change pretty soon, as Microsoft is planning on taking some extra security measures.

Microsoft is tightening the security belt around its products

In order to improve security, earlier this year, Microsoft recommended removing certain objects from the exclusion list. This followed January’s update which improved PowerShell payload security.

Today, however, Microsoft has updated a Tech Community blog post where it has shared details on how it is protecting against unsupported, unpatched Exchange Servers.

These server versions are the most vulnerable category since they no longer receive updates, including those for security.

The Redmond tech giant says that it is enabling a transport-based enforcement system (TES) in Exchange Online.

thumbnail image 1 of blog post titled 
	
	
	 
	
	
	
				
		
			
				
						
							Throttling and Blocking Email from Persistently Vulnerable Exchange Servers to Exchange Online

And, in case you are wondering how transport-based enforcement systems function, it will basically help to throttle or delay emails from unpatched servers until they are remediated.

In case there is no upgrade to the vulnerable server, the email flow will consequently be blocked, to avoid future problems.

Thus, to efficiently address this problem, Microsoft is enabling a transport-based enforcement system in Exchange Online that has three primary functions: reporting, throttling, and blocking.

Keep in mind that the system was designed to alert an admin about unsupported or unpatched Exchange servers in their on-premises environment that need remediation (upgrading or patching).

thumbnail image 2 of blog post titled 
	
	
	 
	
	
	
				
		
			
				
						
							Throttling and Blocking Email from Persistently Vulnerable Exchange Servers to Exchange Online

Furthermore, it also has throttling and blocking capabilities, so if a server is not remediated, mail flow from that server will be throttled (delayed) and eventually blocked.

Microsoft doesn’t want to delay or block legitimate emails, but it does want to reduce the risk of malicious emails entering Exchange Online by putting in place safeguards and standards for email entering our cloud service.

Remember to share your thoughts and opinions with us in the dedicated comments section located right below.

This article covers:Topics: