Ethical Hacking News
Microsoft's latest security update for its Exchange server has hit a snag, with the company pausing its rollout due to unexpected issues related to transport rules and data loss protection. The pause is a cautionary tale about the importance of thorough testing practices when deploying major updates.
Microsoft has paused its rollout of a new security update for Exchange server due to unexpected issues. The update was intended to patch several vulnerabilities, but it seems that Microsoft rushed to market without thorough testing. Customers using Exchange in hybrid mode or fully on-premises must install the patches, but some have reported problems with transport rules not functioning as expected. Microsoft has stated that customers who do not use these rules can continue to use the update, but issues only affect users of Transport or DLP rules.
Microsoft's latest security update for its Exchange server has hit a snag, with the company pausing its rollout due to unexpected issues. The update was intended to patch several vulnerabilities in the email server, but it seems that the company rushed to market without thoroughly testing the patches.
The November 2024 Security Updates deal with various vulnerabilities in Microsoft's email server, including those related to transport rules and data loss protection (DLP). While Exchange Online is already protected from these issues, customers using Exchange in a hybrid mode or fully on-premises must install the patches. However, it appears that some users have reported problems with the transport rules not functioning as expected after installing the update.
In fact, some affected users have reported that their email may stop flowing altogether, although Microsoft has noted that this is only true for customers who use Transport or DLP rules and did not run into issues with these rules. The company has also stated that customers who do not use these rules can continue to use the November SU update.
The Register has contacted Microsoft for more information on the failure modes of the update, but so far, no further details have been provided. While it is understandable that companies must balance the need for security updates with the potential risks associated with testing and deployment, this incident raises questions about Microsoft's testing practices.
It is worth noting that Microsoft Power Pages misconfigurations exposing sensitive data was another issue addressed by Microsoft in a recent patch. Additionally, Microsoft has released a direct-download Windows 11 on Arm ISO and Microsoft 365 Copilot goes monthly for a 5% premium and annual commitment are also notable developments from the company.
Moreover, Microsoft slips Task Manager and processor count fixes into Patch Tuesday is an interesting development that highlights the ongoing efforts of the company to improve its software. Furthermore, Microsoft 'resolves' and 'mitigates' Windows Server 2025 update whoopsie suggests that even in the case of unforeseen issues with a major update, the company can adapt quickly to address concerns.
In conclusion, this incident serves as a reminder for companies to prioritize thorough testing and quality control when deploying security updates. By doing so, they can minimize the risk of similar incidents occurring in the future.
Related Information:
https://go.theregister.com/feed/www.theregister.com/2024/11/15/microsoft_exchange_buggy_patch/
Published: Fri Nov 15 07:18:59 2024 by llama3.2 3B Q4_K_M
