Microsoft re-releases Exchange updates after fixing mail delivery
Microsoft has re-released the November 2024 security updates for Exchange Server after pulling them earlier this month due to email delivery issues on servers using custom mail flow rules.
The company announced it pulled the updates from the Download Center and Windows Update following widespread reports from admins that email had stopped flowing in their organizations.
This known issue affects those customers who use transport (mail flow) rules or data loss protection (DLP) rules, which will stop periodically after installing the November Exchange Server 2016 and Exchange Server 2019 security updates.
Today, the Exchange Team advised admins who installed the original November 2024 SU (Nov 2024 SUv1) to deploy the re-released November 2024 SU (Nov 2024 SUv2) that resolves the mail delivery issues in affected environments.
The company also shared the following table, which provides detailed information on the actions admins must take based on their environment.
|
If Nov 2024 SUv1… |
Then… |
|
was installed manually, and you do not use any transport or DLP rules, |
it is recommended to install the Nov 2024 SUv2 to gain more granular control over the X-MS-Exchange-P2FromRegexMatch header. |
|
was installed using Microsoft / Windows update and you do not use any transport or DLP rules, |
in December 2024, the server will download and install the Nov 2024 SUv2. |
|
was installed (manually or automatically) and then uninstalled to fix the issue with transport rules, |
install the re-released Nov 2024 SUv2. |
|
was never installed, |
install the re-released Nov 2024 SUv2. |
Microsoft also advises admins to always run the Exchange Health Checker script after installing security updates to detect common configuration issues known to cause performance issues and see if additional steps might be needed.
"Servers that get automatic updates from Windows Update will see the Nov 2024 SUv2 available," the company added on Tuesday.
"Please note that we have delayed the release of the Nov 2024 SUv2 to Microsoft / Windows Update until December to prevent servers from automatically installing the Nov 2024 SUv2 over the US Thanksgiving holiday."
The Nov 2024 SUv2 package also adds more granular control for "Non-RFC compliant P2 FROM header detection" designed to add warnings to malicious emails suspected of exploiting a high-severity Exchange Server vulnerability (CVE-2024-49040) that can let attackers forge legitimate senders to make malicious messages a lot more effective.
Redmond says CVE-2024-49040 exploitation detection and email warnings will be enabled by default on all servers where admins toggle on secure by default settings.
Hackers exploit ProjectSend flaw to backdoor exposed servers
U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider
CVE-2025-22224 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability
CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability
CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability
CVE-2022-43769 Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability
CVE-2025-24983 Microsoft Windows Win32k Use-After-Free Vulnerability
CVE-2017-0148 Microsoft SMBv1 Server Remote Code Execution Vulnerability
CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability
Free online web security scanner
