Y22K? : Microsoft Exchange malware scanning can’t interpret 2022 dates; Emails undelivered

Reports are pouring in to Twitter of email traffic being frozen for many. Microsoft's Exchange server formats dates as YYMMDDHHMM, and then stores that number as a signed 32 bit Integer.

Since YY here changed from '21 to '22 overnight (Happy New Year, by the way!) - this means that the date format that Exchange uses exceeded the limit of a 32 bit signed Int.

Some warned us about this on New Years eve.

I found no more concise an explanation of this phenomenon with Microsoft Exchange than at this wonderful little blog post by rachelbythebay - Please read!

https://rachelbythebay.com/w/2022/01/01/baddate/

Some updates on Twitter indicate that it is the malware scanner that is unable to parse emails due to the 32 bit unsigned int date format

Currently some people report that the workaround is to temporarily disable the malware scanner. However, this is assuming that your environment has other layers of protection and scanning for malware.

Subscribe to Jayanth's Security Learnings and Observations

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe