Microsoft recommends that customers who have not already done so install the July 2017 security updates to be fully protected from this vulnerability Summary: This bulletin summary lists security bulletins released for March 2017 Revision Note: V4.0 (August 8, 2017): For MS17-007, to comprehensively address CVE-2017-0071, Microsoft released the July security updates for all versions of Windows 10.If you are still using Microsoft Forefront Protection 2010 for Exchange Server (FPE), you are officially out of time.Note that Exchange 2013 will contain basic anti-malware functionality, but I doubt this will meet any customer’s demands and certainly isn’t a very manageable solution.Next, there’s the firewall, reverse proxy, load balancing and VPN functionality offered by TMG.Also, ensure that proxy information has been entered, if required.The following URLs (and any subdomains under them) and the use of http and https must be allowed through the firewall: So I added *.to my trusted sites list in IE on the server, but this didn't seem to help, the other engines all passed without this entry in the list.Severity Rating: Critical Revision Note: V2.0 (August 8, 2017): To comprehensively address CVE-2017-0071, Microsoft released the July security updates for all versions of Windows 10.Note that Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems have been added to the Affected Products table as they are also affected by this vulnerability.
If no new files are available, nothing is downloaded for that engine during that update cycle.
An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Revision Note: V4.0 (August 8, 2017): For MS17-007, to comprehensively address CVE-2017-0071, Microsoft released the July security updates for all versions of Windows 10.
This is a fresh install, so I don't think this is a new issue, just a not configured thing.
Today, Microsoft finally announced the discontinuing of most of it’s Fore Front products, including the retirement of products used in many Exchange deployments, Fore Front Threat Management Gateway (TMG) 2010 and Fore Front Protection for Exchange (FPE).