Versions Compared

Old Version 6

changes.mady.by.user Adam Darwin

Saved on

compared with

New Version Current

changes.mady.by.user Adam Darwin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1730

Change Image Download URL

Basically, you need to change both the external & internal download hostname to a different domain name.

Launch the Exchange Management Shell, and execute the following commands

Code Block
Set-OwaVirtualDirectory -Identity "owa (default Web site)"  -ExternalDownloadHostName

...

 “Images.DeepnetID.com

...


Set-OwaVirtualDirectory -Identity "owa (default Web site)"  -InternalDownloadHostName "Images.DeepnetID.com

...


Set-OrganizationConfig -EnableDownloadDomains $true

If MFA is enabled on OWA, then you must take the following steps

Table of Contents

Add URL Binding

On the Exchange server, launch the IIS Management

Select the OWA node, and launch the DualShield IIS Agent console

Image Removed

Click "URL Bindings"

Image Removed

Add the image download URL in to the URL Bindings

Apply the change

Add HTTP Filter

We also need to add a HTTP Filter.

Click "HTTP Filter"

Image Removed

Add the following HTTP filter

  • Header: sec-fetch-dest
  • Value: image

Image Removed

Image Removed

Add URL Filter

Apply the change.

Children Display