Discussion in 'Business & Enterprise Computing' started by PabloEscobar, Dec 11, 2014.
Indeed, as highlighted in the comments:
i know not a lot of folk run exchange 2013, but did anyone see mail flow rules just suddenly stop working after the last bunch of patches? We have one to just prepend a disclaimer for outside emails coming in to stop the muppets from clicking/opening everything and stop and think first (not likely), and after the last bunch of patches, the rule is still there, still enabled, but not doing squat. so i recreated it, and bingo it worked, which is weird as to why it stopped working in the first place.
From the Rants thread.
Windows 10, 1903 just dropped to GA, will take it for a spin and see how she runs.
Damnit, trend WFBS 10 isn't compatible yet, will have to wait till a patch comes out as its my daily driver and i just can't nuke the AV...
can anyone who is running a 2012 RDS server with outlook 2016 check if search in outlook just got borked with the latest updates? I can't search across the whole RDS box and when i try to re-add/look in outlook search i get a mapi16:// instead of outlook
keen to know, this is my config and we haven't applied the updates yet.
Just having a look and i can't see any patches that seem to directly relate to outlook... and mr google isn't showing me much at this moment in time... so if it is patch related this will be fun
our last updates were 30-06, current ones available are.
Will have to wait till tonight until i can remove and reboot this patch.
Ok appears to be server based on the actual exchange server...
The indexing of mailbox database Active Staff encountered an unexpected exception. Error details: Microsoft.Exchange.Search.Core.Abstraction.OperationFailedException: The component operation has failed. ---> Microsoft.Exchange.Search.Core.Abstraction.OperationFailedException: The component operation has failed. ---> System.ServiceModel.EndpointNotFoundException: Could not connect to net.tcp://localhost:3847/. The connection attempt lasted for a time span of 00:00:02.0625164. TCP error code 10061: No connection could be made because the target machine actively refused it 127.0.0.1:3847. ---> System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it 127.0.0.1:3847
at System.Net.Sockets.Socket.InternalEndConnect(IAsyncResult asyncResult)
at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at System.ServiceModel.Channels.SocketConnectionInitiator.ConnectAsyncResult.OnConnect(IAsyncResult result)
--- End of inner exception stack trace ---
ok so a restart of the microsoft exchange search host controller and microsoft exchange search and waiting a few minutes seems to have sorted it.... No idea what caused it and it *May* not be update related. *shrugs shoulders*
Many CVE 9+
Patch early, patch often.
RDP Pre-Auth RCE (Think Bluekeep) - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
DHCP Client REC - Get IP, Get Owned - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0736
Word RCE - Open Outlook Preview Pane - Get Owned (Whatyearisthis.jpg) - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1201
Going on holidays and leaving the country on Saturday Morning, Threw them on last night (RDP/DHCP/Word) ones on my RDP/AD/DNS Boxes and Exchange Server (so internet facing/exploitable ones/ones users live on and click/do stupid things on) and nobody has screamed yet and were up to our usual number of users, so seems for the moment to be good.
Also, if you still use SEP you're gonna have a bad time.
It's almost like there were two major security conventions back to back recently.
DEF initely don't want to get CON'd by some hacker wearing black attire. >_>
Early indications at work show one of the latest 2008 R2 patches killing physical servers that are also domain controllers (ie, they can no longer boot)... I don’t have the specific KB on me at the moment.
Microsoft hinting its an issue starting to be raised by other people, so potentially widespread impact.
I’ll provide more info as it comes through.
I suspect the offending KB will be pulled and re-released ASAP.
Our EU office was able to resolve it by resetting the windsock catalog. It was a VM though so easy to disable network to allow boot up
The fix for our problem (2008 R2 SP1, AD DS role on physical server) is to ensure KB3133977 is installed first, then to perform a reboot... after that the new patches will install ok.
Our InfoSec group had not previously approved KB3133977 hence it not being deployed, but its approved now
No KB890830 update (MSRT) in September's round of updates - can't remember the last time that happened...