Versions Compared

Old Version 5

changes.mady.by.user Adam Darwin

Saved on

compared with

New Version 6

changes.mady.by.user Adam Darwin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1730

Change Image Download URL

Basically, you need to change both the external & internal download hostname to a different domain name.

...

Set-OwaVirtualDirectory -Identity "owa (default Web site)"  -ExternalDownloadHostName “Images.DeepnetID.com
Set-OwaVirtualDirectory -Identity "owa (default Web site)"  -InternalDownloadHostName "Images.DeepnetID.com
Set-OrganizationConfig -EnableDownloadDomains $true

If MFA is enabled on OWA, then you must take the following steps

Table of Contents

Add URL Binding

On the Exchange server, launch the IIS Management

...

Add the image download URL in to the URL Bindings

Apply the change

Add HTTP Filter

We also need to add a HTTP Filter.

...

  • Header: sec-fetch-dest
  • Value: image


Add URL Filter


Apply the change.