Microsoft Exchange administrators starting the new year have faced the problem of blocked messages, through a fault in the software that started from midnight 1 January.
The bug affecting on-premise versions of Exchange Server 2016 and 2019 has led to Microsoft issuing a patch to solve the problem of messages being stuck in transport queues.
Microsoft has described the problem as a “latent” date issue in a signature file, used by the malware scanning engine within Exchange Server.
“The problem relates to a date check failure with the change of the new year and it is not a failure of the AV [anti-virus] engine itself,” Microsoft said in an advisory. “This is not an issue with malware scanning or the malware engine, and it is not a security-related issue,” confirmed the company.
“The version checking performed against the signature file is causing the malware engine to crash, resulting in messages being stuck in transport queues,” it added.
As a result, there will be errors in the application event log on Exchange Server. An error message will read “The FIP-FS Microsoft Scan Engine failed to load. PID: 23092, Error Code: 0x80004005. Error Description: Can’t convert 2201010001 to long.”
The fix can be downloaded here. Before running the script, said Microsoft, admins should change the execution policy for PowerShell scripts by running “Set-ExecutionPolicy -ExecutionPolicy RemoteSigned”.
They should run the script on each Exchange mailbox server that downloads anti-malware updates in their organisation, using the elevated Exchange Management Shell.
The script can be run on multiple servers in parallel. It can also be installed manually. Edge transport servers are unaffected by the issue.
from UC Today https://ift.tt/3JRIxFg
0 Comments