[ad_1]
Microsoft Trade on-premise servers can not ship e-mail beginning on January 1st, 2022, attributable to a “12 months 2022” bug within the FIP-FS anti-malware scanning engine.
Beginning with Trade Server 2013, Microsoft enabled the FIP-FS anti-spam and anti-malware scanning engine by default to guard customers from malicious e-mail.
Microsoft Trade Y2K22 bug
Based on quite a few reviews from Microsoft Trade admins worldwide, a bug within the FIP-FS engine is obstructing e-mail supply with on-premise servers beginning at midnight on January 1st, 2022.
Safety researcher and Trade admin Joseph Roosen mentioned that that is brought on by Microsoft utilizing a signed int32 variable to retailer the worth of a date, which has a most worth of two,147,483,647.
Nonetheless, dates in 2022 have a minimal worth of two,201,010,001 or bigger, which is larger than the utmost worth that may be saved within the signed int32 variable, inflicting the scanning engine to fail and never launch mail for supply.
Based on further analysis on this concern, that is occurring as a result of Microsoft is utilizing a signed int32 for the date and the brand new date worth of two,201,010,001 is over the max worth of “lengthy” int32 being 2,147,483,647. @MSFTExchange – Unsure why it was structured this fashion??
— Joseph Roosen (@JRoosen) January 1, 2022
When this bug is triggered, an 1106 error will seem within the Trade Server’s Occasion Log stating, “The FIP-FS Scan Course of failed initialization. Error: 0x8004005. Error Particulars: Unspecified Error” or “Error Code: 0x80004005. Error Description: Cannot convert “2201010001” to lengthy.”
Pricey @msexchangeteam. The FIP-FS “Microsoft” Scan Engine Didn’t Load. Can’t Convert “2201010001” to lengthy.
— lengthy wtf = 2201010001; (@miketheitguy) January 1, 2022
Microsoft might want to launch an Trade Server replace that makes use of a bigger variable to carry the date to formally repair this bug.
Nonetheless, for on-premise Trade Servers at the moment affected, admins have discovered which you could disable the FIP-FS scanning engine to permit e-mail to start out delivering once more.
To disable the FIP-FS scanning engine, you may execute the next PowerShell instructions on the Trade Server:
Set-MalwareFilteringServer -Identification -BypassFiltering $true
Restart-Service MSExchangeTransportAfter the MSExchangeTransport service is restarted, mail will begin being delivered once more.
Sadly, with this unofficial repair, delivered mail will now not be scanned by Microsoft’s scanning engine, resulting in extra malicious emails and spam getting by means of to customers.
Microsoft is reportedly conscious of the problem and is engaged on a repair, however there is no such thing as a ETA on when it is going to be delivered.
BleepingComputer has additionally contacted Microsoft with questions associated to the bug however has not acquired a response but.
[ad_2]
