Microsoft Issues Fix for Exchange Y2K22 Bug That Crippled Email Delivery Service

January 15, 2022

Introduction: The Exchange Y2K22 bug relates mainly to a date check failure in Microsoft’s email service and is not security-related. The bug shut down on-premises mail delivery and stops users from accessing their inboxes. The good news is Microsoft has responded with both a manual and automated fix.

Main Concern: As the year 2022 came in and the clock struck midnight, Exchange administrators across the world found that their servers were Not able to send the emails. Subsequent to analysis, they observed that Mails were not getting sent or received instead they were stuck in the queue of the mail server, and the Windows event log showed the following error in the logs.

Log Name: Application

Source: FIPFS

Logged: 1/1/2022 1:03:42 AM

Event ID: 5300

Level: Error

Computer: server1.contoso.com

Description: The FIP-FS “Microsoft” Scan Engine failed to load. PID: 23092, Error Code: 0x80004005. Error Description: Can’t convert “2201010001” to long.

Log Name: Application

Source: FIPFS

Logged: 1/1/2022 11:47:16 AM

Event ID: 1106

Level: Error

Computer: server1.contoso.com

Description: The FIP-FS Scan Process failed initialization. Error: 0x80004005. Error Details: Unspecified error.

The manner in which Microsoft dates refreshes (Year/Month/Day design) didn’t observe that it had a self-assertive restriction of 2147483647.

So, when the update named 220101001 was deployed, it overshot the limit and failed date checks. This affected Exchange versions 2016 and 2019.

Microsoft noticed that the issue was caused due to the date issue in the signature record utilized by the malware filtering motor inside Exchange Server.

Recommendations :

Microsoft has released a temporary fix requiring Users to take action while working on an update that automatically fixes the issue.

Microsoft is recommending customers to download a PowerShell-based scan engine reset script called “Reset-ScanEngineVersion.ps1” that can then be executed on each Exchange mailbox server used for downloading antimalware updates.

For using the automated script and applying the fix, follow these steps

Download the Reset-ScanEngineVersion.ps1 script from https://aka.ms/ResetScanEngineVersion.
Open an elevated Exchange Management Shell.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Microsoft Issues Fix for Exchange Y2K22 Bug That Crippled Email Delivery Service

Security Team

Related Posts

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity

Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign

Our Offices

Corporate Office (HO):

UK Office:

Registered Office (Delhi):

Noida Office:

Phone:

Email

Click To Download

Download CyberSRC Services & Portfolio & Datasheets

Download Case Studies

Download Company Brochure