- Buy Microsoft Visio Professional or Microsoft Project Professional 2024 for just $80
- Get Microsoft Office Pro and Windows 11 Pro for 87% off with this bundle
- Buy or gift a Babbel subscription for 78% off to learn a new language - new low price
- Join BJ's Wholesale Club for just $20 right now to save on holiday shopping
- This $28 'magic arm' makes taking pictures so much easier (and it's only $20 for Black Friday)
Microsoft issues a fix for on-prem Exchange mail servers
Microsoft Exchange admins got a bit of a rude surprise as the new year rang in, with a “latent date issue” striking the on-premises versions of Exchange Server 2016 and 2019 that saw emails queued up instead of being distributed to inboxes.
The problem lay with Exchange’s malware scanning engine, however, Microsoft took great pains to emphasize in a blog post from the Exchange team that the problem relates to a date-check failure with the new year and it not a failure of the antivirus scanning engine itself, nor is it a security issue.
Exchange’s FIP-FS AV checks the version of the Exchange software and then tries to write the date into a signed int32 variable. However, the variable’s maximum value is lower than January 1, 2022, causing the malware engine to crash.
With no malware scanner, Exchange queues mail instead of sending it. It won’t send or receive mail it can’t scan.
Not every Exchange server is affected. Microsoft said organizations using Exchange Server 2019 or Exchange Server 2016 just for management of Exchange recipients don’t need to take action, and organizations that don’t connect to the Internet to get antimalware updates aren’t affected, nor is Exchange 2013.
Microsoft Issues Temporary Fix
Microsoft has released a temporary fix, but it’s rather involved; they’re working on a permanent fix. But hey, the Exchange team had to work on New Year’s Day so I’ll cut them some slack.
The fix comes in the form of a PowerShell script named Reset-ScanEngineVersion.ps1, available from the blog post. The script will stop the Microsoft Filtering Management and Microsoft Exchange Transport services, delete older AV-engine files, download the new AV engine, and restart the services.
You have a choice of running the automated script to apply the fix on each on-premise Microsoft Exchange 2016 and 2019 server in your data center, or you can also update the scanning engine manually. Microsoft provides instructions for both in its blog.
Microsoft warns that this process may take some time, depending on the size of the organization. It also warns that while email will start being delivered again, it may take some time depending on the amount of email that was stuck in the queue.
Copyright © 2022 IDG Communications, Inc.
