Exchange Emergency Mitigation (EM) Service

Introduction

Microsoft released a new service last week in their cyberthreat arsenal against Exchange Server vulnerabilities last week. The service is the Exchange Emergency Mitigation (EM) Service. This article aims to provide organisations with Exchange Server 2016 and 2019 with high-level information of what this service does.

What does the service do?

It keeps Exchange Server secure between Security Updates. It provides hourly mitigations to address any potential threats, and uses the Office Config Service (OCS) to keep Exchange Server secure with interim fixes to the Exchange organisation.

How do I obtain the Service?

The service is included in Cumulative Update 21 (CU21 ) for both Exchange Server 2016 and 2019 mailbox servers. There are some other prerequisites necessary:

  • IIS URL Rewrite Module.
  • Universal C Runtime in Windows (KB2999226).
  • Connectivity to URL officeclient.microsoft.com/* over TCP/443

Organisations should be aware that when CU21 is installed, the service will be automatically enabled for each mailbox server and the Exchange organisation.

How can I check this Service is working?

Well… Exchange Server has introduced the Test-MitigationServiceConnectivity.ps1 script which is available in the Exchange Server Scripts folder. A successful connection will be reported if the network connectivity is good.

Is there any other helpful information?

Yes, Microsoft published an article only last week with more information. This article can be found here.

About the author