It’s been more than 20 years since ‘Effect 2000’ but we still remember the stir it caused. Now that 2022 begins, we have had another computer problem with the date change, in this case the affected one has been Microsoft Exchange. If your mail works with Microsoft Exchange (as many company accounts tend to be) and you have stopped receiving emails during these dates, you should know that there is an explanation behind.
A particular bug due to the change of year has caused the antispam and antimalware engine of Microsoft Exchange (FIP-FS) is having problems processing the date, which has caused millions of emails to freeze on the servers, without sending their recipients, according to has recognized Microsoft itself.
Why the ‘2022 Effect’ of Microsoft Exchange
Since 2013, Microsoft has used the FIP-FS system in Exchange by default. It was in one of the renovations when Microsoft developers decided to store the date value in a variable int32. A seemingly innocent decision that has had fatal consequences for the operation of your system.
The maximum value of this variable is 2,147,483,647. That is, less than the date that is currently used. Microsoft uses the last three digits to store the day and the previous three for the month, so the minimum value required is 2.201.010.001.
#Microsoft and #Exchange starting off 2022 with a 💣as of 00:00UTC with freezing transport of all emails flowing through it On-Prem due to failure converting the new date… 🤦♂️. Solution is to disable the AntiMalware Scanning temporarily via Disable-Antimalwarescanning.ps1. 1/x https://t.co/grYeBW1Ygh
— Joseph Roosen (@JRoosen) January 1, 2022
According explica Joseph Roosen, cybersecurity researcher and MS Exchange administrator, versions 2016 and 2019 have been affected Microsoft Exchange. With these versions, users are not receiving emails as the FIP-FS engine cannot understand the date of the emails.
How to temporarily correct the problem
Microsoft is aware of this flaw and is already working on a solution. At the moment, manual action is required to correct the fault by users or administrators. What our colleagues from Genbeta point out, as Microsoft has explained:
“Our engineers were working around the clock on a solution that would eliminate the need for customer action, but we determined that any patch that did not involve such action would require several days to develop and roll out. So we are working on another update, which validation is now in its final testing phase. “
The solution is through temporarily disable the FIP-FS antispam engine. There is a danger that then potential malicious emails will arrive, but also the rest.
To do this, you will have to type the following PowerShell commands in Exchange Server:
Set-MalwareFilteringServer -Identity -BypassFiltering $true
After restarting the MSExchangeTransport service, mail should be forwarded regularly again. Another option is to download the script created by Microsoft. As the company describes, depending on the size of the server and the number of users using that Microsoft Exchange account, the script and the update may take some time.
Microsoft is working on the final patch but at the moment there is no set date for when the update will be available to fix this problem permanently.
Via | Xataka Windows