I have a question about Microsoft Exchange Server Spoofing Vulnerability CVE-2021-1730.
I would like to implement the fix and I wanted to know if the procedure listed below is right.
This is the procedure:
Questa è la procedura:
I have gone onto our Website hosting and added a CNAME record to point download.mycompany.it onto mailserver.mycompany.it (Our Exchange Server).
Because we use split DNS on the server also add a CNAME to point download.mycompany.it to the Exchange Server
Update our SAN certificate so it has download.mycompany.it on it and re-issue the Certificate in ECP.
Run these commands in management console;
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -ExternalDownloadHostName download.mycompany.it -InternalDownloadHostName download.mycompany.it
Set-OrganizationConfig -EnableDownloadDomains $true
Restart the Servers
Is the procedure correct?