Microsoft is working to fix Exchange bug Y2K22
Microsoft confirmed that it is working on a fix for an issue in the FIP-FS engine (the antivirus engine) on Microsoft Exchange 2016 and 2019 servers that could result in emails getting stuck in transit. These problems started just as the year moved to 2022 and have been widely discussed on social media, where they have been dubbed the “Microsoft Exchange Bug Y2K22”.
According to Microsoft, the main issue is a failure of the date verification when the year changed from 2021 to 2022. On the more technical side, on on-premises servers running Microsoft Exchange 2016 and 2019, Microsoft apparently uses a signed int32 variable to store the value of a date. This has a maximum value of 2,147,483,647, and, as security researcher Joseph Roosen mentions (via Bleeping Computer), dates in the year 2022 have a minimum value of 2,201,010,001 or more.
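The arithmetic behind this limit, as an added example that is not Microsoft's code. It assumes the stamp is laid out as YYMMDD followed by a four-digit suffix (inferred from the value quoted above); the function names and sample strings are constructed for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Build a date stamp as a decimal number: YYMMDD followed by a 4-digit suffix.
   The layout is an assumption inferred from the 2,201,010,001 value in the text.
   The result is 64-bit so the arithmetic itself can never overflow. */
int64_t make_stamp(int yy, int mm, int dd, int suffix)
{
    return (((int64_t)yy * 100 + mm) * 100 + dd) * 10000 + suffix;
}

/* Range-checked conversion: returns 0 and writes *out on success,
   -1 if the text is not a number or does not fit a signed 32-bit integer. */
int parse_stamp_i32(const char *text, int32_t *out)
{
    char *end = NULL;
    errno = 0;
    long long v = strtoll(text, &end, 10);
    if (errno != 0 || end == text || *end != '\0')
        return -1;                      /* empty, trailing junk, or overflowed long long */
    if (v < INT32_MIN || v > INT32_MAX)
        return -1;                      /* would not survive storage in an int32 */
    *out = (int32_t)v;
    return 0;
}

/* First two-digit year whose earliest stamp (Jan 1, suffix 0001) exceeds INT32_MAX. */
int first_overflowing_year(void)
{
    for (int yy = 0; yy < 100; yy++)
        if (make_stamp(yy, 1, 1, 1) > INT32_MAX)
            return yy;
    return -1;
}

int main(void)
{
    int32_t v;
    const char *samples[] = { "2112312359", "2201010001" }; /* constructed inputs */
    for (int i = 0; i < 2; i++)
        printf("%s -> %s\n", samples[i],
               parse_stamp_i32(samples[i], &v) == 0 ? "fits int32" : "rejected: out of int32 range");
    printf("first overflowing year: 20%02d\n", first_overflowing_year());
    return 0;
}
```

Checking the range before the narrowing cast turns an out-of-range stamp into an explicit, handleable error instead of a failed conversion deep inside the scanning path.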
The 2022 value is greater than the maximum value that a signed int32 variable can store, which can cause the Exchange malware scanning engine to crash and leave the server unable to send emails. Microsoft, however, is making it clear that this is not a failure of Exchange’s anti-virus engine and that it is not a security-related issue. In a post published on January 1, the company confirmed that details on how to fix the issue are expected to arrive later. The Exchange team posted the following message:
Our engineers were working around the clock on a fix that would eliminate the need for customer action, but we determined that any changes that did not involve customer action would require several days of development and deployment. We are working on another update which is in the process of final testing validation. The update requires customer action, but it will provide the fastest resolution time.
As a workaround, it is suggested to disable or bypass malware scanning on Exchange servers, but only if clients have an existing malware scanner other than Exchange’s own solution. Two documents are available on the issue: one on antimalware protection in Exchange Server, and another on the procedures for antimalware protection in Exchange Server. There is also a community discussion of the issue on Reddit for IT administrators who have experience with this issue.