Yes. See:
https://www.reddit.com/r/exchangeserver/comments/onhchg/download_domains_cve20211730_and_microsoft/
Note, no need to restart the servers, see the thread linked above!
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello,
I have a question about Microsoft Exchange Server Spoofing Vulnerability CVE-2021-1730.
I would like to implement the fix and I wanted to know if the procedure listed below is right.
This is the procedure:
Questa è la procedura:
I have gone onto our Website hosting and added a CNAME record to point download.mycompany.it onto mailserver.mycompany.it (Our Exchange Server).
Because we use split DNS on the server also add a CNAME to point download.mycompany.it to the Exchange Server
Update our SAN certificate so it has download.mycompany.it on it and re-issue the Certificate in ECP.
Run these commands in management console;
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -ExternalDownloadHostName download.mycompany.it -InternalDownloadHostName download.mycompany.it
And then;
Set-OrganizationConfig -EnableDownloadDomains $true
Restart the Servers
Is the procedure correct?
Thank you
Greetings
Yes. See:
https://www.reddit.com/r/exchangeserver/comments/onhchg/download_domains_cve20211730_and_microsoft/
Note, no need to restart the servers, see the thread linked above!