Microsoft has issued an emergency Exchange server patch that fixes an issue where email messages can get stuck in transport queues.
The patch addresses a latent date issue in a signature file used by the malware scanning engine within Exchange Server as Microsoft noted in a blog post on January 1, 2021:
“The problem relates to a date check failure with the change of the new year and it not a failure of the AV engine itself. This is not an issue with malware scanning or the malware engine, and it is not a security-related issue. The version checking performed against the signature file is causing the malware engine to crash, resulting in messages being stuck in transport queues.”
The issue affects on-premises Exchange Server 2016 and Exchange Server 2019.
Microsoft has provided an automated solution to customers who can follow these steps:
- Download the script here: https://aka.ms/ResetScanEngineVersion
- Before running the script, change the execution policy for PowerShell scripts by running Set-ExecutionPolicy -ExecutionPolicy RemoteSigned.
- Run the script on each Exchange mailbox server that downloads antimalware updates in your organization (use elevated Exchange Management Shell).
In addition, Microsoft also provided manual instructions to Exchange customers as well.