Skip to main content

To prevent misuse of UNC paths by attackers, Microsoft removed the parameters that take UNC paths as inputs from the Exchange Server PowerShell cmdlets and the Exchange Admin Center. These changes will affect all cumulative update (CU) releases of Microsoft Exchange Server 2019 (CU12 and later) and Microsoft Exchange Server 2016 (CU23 and later).

UNC path inputs not usable

To prevent misuse of UNC paths by attackers, parameters that take UNC paths as inputs will no longer be usable in:

  1. Exchange Admin Center
  2. Exchange Server PowerShell cmdlets

These certificate changes are available in the latest Exchange Server updates:

  • Cumulative Update 12 for Exchange Server 2019
  • Cumulative Update 23 for Exchange Server 2016

Exchange Admin Center certificate changes

The following certificate functionality in Exchange Admin Center is removed after upgrading to Exchange Server 2019 CU12 and later and Microsoft Exchange Server 2016 CU23 and later:

  1. Import & Export Exchange Certificate removal
  2. Complete Exchange Certificate Request removal
  3. New Exchange Certificate Request from CA removal
  4. Renew Exchange Certificate Request removal

In the previous versions of Exchange Server, there was an option to import or export the Exchange certificate through Exchange Admin Center.

Exchange Server certificate management changes before

The option to import or export the Exchange certificate through Exchange Admin Center is removed. Instead, you must now use PowerShell cmdlets to import or export the Exchange certificate.

Exchange Server certificate management changes after

Exchange Server PowerShell cmdlets certificate changes

The FileName and RequestFile parameter that takes the UNC path as input is removed from Exchange Server PowerShell cmdlets after upgrading to Exchange Server 2019 CU12 and later and Microsoft Exchange Server 2016 CU23 and later.

Leave a Reply