Microsoft releases script for “Y2k22 bug” in Exchange Server 2019 and Exchange Server 2016
Microsoft on Saturday proposed a script to correct a so called “bug Y2k22” that caused email to accumulate in Exchange Server 2019 and Exchange Server 2016 transport queues.
This stuck transport queue issue occurred on New Years Day 2022. A “date verification failure” associated with Microsoft’s anti-virus engine caused the malware engine to crash. The messages then accumulated in the transport queues for Exchange Server 2019 and. Exchange Server 2016 users.
Use version 2112330001
Antivirus engine must use version “2112330001”. Apparently the “21” part of its name refers to the year 2021. The stuck transport queue issue occurred when the anti-virus engine was at versions starting at “22” (meaning the year 2022).
Microsoft’s announcement claimed in an FAQ section that it had not rolled back the version of the anti-virus engine and that version “21” is “new footage” that will allow future anti-virus updates to continue to arrive.
The issue only affects users of Exchange Server 2019 and Exchange Server 2016. However, organizations that have Microsoft anti-virus software that begins with “22” should take steps to upgrade to version “21” in order to continue working. obtain future antimalware updates.
Microsoft explained this point in the FAQ section of its announcement as follows, noting that the antivirus version issue may affect other users of Exchange Server products, such as Exchange Server 2013 users, who will not receive updates. antivirus update if they use version “22”:
Exchange Server 2013 is unaffected by transport outages, so there will be no email accumulation in the transport queues. If your Exchange 2013 server has taken the antimalware update and is now on the version starting with “22 …”, you should use the automated or manual steps in this blog post to get your server to a version engine code “21 …” to continue receiving antimalware updates. Without action, your server will not receive any future antimalware updates.
Unfortunately for IT pros who oversee Exchange Server 2019 or Exchange Server 2016 implementations, running the script should be done on “every Exchange mail server that downloads antimalware updates in your organization.” .
There is no patch. This is a handy IT project to fix the problem, although the script can be automated to run on different servers simultaneously.
Alternatively, Microsoft described a “manual fix” as an alternative to running the script. There are additional steps to take if the Exchange servers use a proxy to connect to the Internet.
Organizations that only use Exchange Server 2019 or Exchange Server 2016 for Exchange recipient management do not need to take action. Organizations that do not connect to the Internet to obtain anti-malware updates are not affected by this issue.
Microsoft did not explain the problem as a “Y2k22 bug”. The reason for the antivirus engine version issue is that “the version check performed against the signature file causes the malware engine to crash, causing messages to hang in transport queues,” the report said. Exchange team, without much further explanation.
However, a commenter (“John_C_Kirk”) in Microsoft’s post said the problem was caused by a 32-bit “integer overflow error” associated with the version number. He suggested that Microsoft add this explanation to their announcement, but Microsoft appears to have ignored the notice.
Reviewers described seeing many errors generated by Microsoft’s script. They also sometimes described the need to restart the server for the fix to take effect.