Issue
Cumulative update of MS Exchange Server can break the two-factor authentication (2FA) protection of Outlook Web Access (OWA) or Exchange Control Panel (ECP) in specific cases.
Details
The Microsoft Exchange Server component of ESET Secure Authentication is installed and protecting OWA/ECP with 2FA.
After the cumulative update of MS Exchange Server, 2FA protection of OWA/ECP is unregistered in specific cases, thus not requesting the second factor when logging in.
Solution
After a cumulative update of the MS Exchange server, test the 2FA protection of OWA/ECP:
- Make sure your user account has 2FA enabled in ESA Web Console.
- Attempt to log in to both OWA and ECP.
- If no second factor is required in any login attempt, run the ESA installer and select Repair.
- Follow the on-screen instructions.
