On January 1, 2022, the Microsoft Exchange mail servers stopped working due to an error. The problem was found in the FIP-FS module, which protects mail from spam and malware.
Image source: microsoft.com
As cybersecurity specialist Joseph Roosen found out, the problem arose due to the fact that the date value was stored in a 32-bit variable (int32), the maximum value of which is 2,147,483,647. However, the dates are in 2022, based on program logic starts with a value of 2 201 010 001, which is greater than the maximum allowed, resulting in a failure in the scanning engine and mail not being delivered to the recipient.
To fix the bug, Microsoft will urgently need to release an update to Exchange Server that uses a variable to store the date, allowing it to store larger values. As a temporary solution, it is still proposed to disable the FIP-FS scanner – this will allow you to work with mail again, but users will receive more spam and, possibly, malicious attachments.
Microsoft has issued an official statement acknowledging the existence of a bug in the versions of Exchange Server 2016 and Exchange Server 2019. The company confirmed that the problem is caused by a data validation error with a change of year. Microsoft is now actively working on a solution to this problem and promises to fix it in the near future.
…
Add Comment