Basic Authentication Retirement for legacy protocols in Exchange Online

Hauptupdate: Ankündigung

Gilt für: All customers

Updated February 7, 2020: Changed the Action by Date to accurately reflect October 13, 2020. Beginning October 13, 2020, we will retire Basic Authentication for EWS, EAS, IMAP, POP and RPS to access Exchange Online. Note: this change does not impact SMTP AUTH. There are several actions that you and/or your users can take to avoid service disruptions on client applications, and we describe them below. If no action is taken, client applications using Basic Authentication for EWS will be retired on October 13, 2020. Any application using OAuth 2.0 to connect to these protocols, will continue to work without change or interruption.

What do I need to do to prepare for this change?You have several options on how to prepare for the retirement of Basic Authentication.

  • You can start updating the client applications your users are using to versions that support OAuth 2.0 today. For mobile device access, there are several email apps available that support Modern Authentication, but we recommend switching to the Outlook app for iOS and Android as we believe it provides the best overall experience for your M365 connected users. For desktop/laptop access, we encourage the use of the latest versions of Outlook for Windows and Outlook for Mac. All Outlook versions including, or newer than, Outlook 2013 fully support OAuth 2.0.
  • If you have written your own code using these protocols, you will need to update your code to use OAuth 2.0 instead of Basic Authentication, you can reach out to us on stack overflow with the tag exchange-basicauth if you need some help.
  • If you or your users are using a 3rd party application, which uses these protocols, you will either need to
    • reach out to the 3rd party app developer who supplied this application to update it to support OAuth 2.0 authentication
    • assist your users to switch to an application that’s built using OAuth 2.0.

We are in the process of building reports that will help you identify any impacted users and client applications in your organization. We will make these reports available to you in the next few months and communicate their availability via a follow-up Message center post. Please click Additional Information to learn more about this retirement.

Zusätzliche Informationen

Exchange and SameSite Updates

https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-and-samesite-updates/ba-p/1127984

Exchange and SameSite Updates

The Stable release of the Google Chrome web browser (build 80, scheduled for release on February 4, 2020) features a change in how cookies are handled. Although the change is intended to discourage malicious cookie tracking, it’s also expected to severely affect many applications and services that are based on open standards.

For more information, see SameSite Updates on the Chromium Projects website.

Microsoft is committed to addressing this change in behavior in its products and services before the February 4, 2020 rollout date to ensure our customers are minimally impacted.

Exchange Online has already rolled out changes necessary to support this change and we do not anticipate any issues.

Exchange Server’s March Cumulative Updates will contain changes necessary to support this change. We will issue CU’s for Exchange Server 2016 and 2019 and we recommend upgrading to these versions to ensure compatibility. We’re investigating solutions for earlier versions of Exchange Server.

Given the date of our scheduled CU’s comes after Google Chrome’s release date of February 4th there might be some issues experienced by users.

To avoid issues, we recommend users switch to an alternate browser, or configure the site/URL used by OWA users to be excluded from the SameSite enforcement behavior in Chrome by using the LegacySameSiteCookieBehaviorEnabledForDomainList setting.

Additional information can be found on this page.

The Exchange Team

Informationsblatt zum Lebenszyklus von Windows

Quelle: Link

In der Windows 10-Version sind die Daten zur Verfügbarkeit und zum Serviceende nach Edition gegliedert.

Windows 10-VersionsverlaufVeröffentlichungsdatumServiceende für die Editionen Home, Pro und Pro for WorkstationsServiceende für alle Enterprise- und Education-Editionen
Windows 10, Version 190321. Mai 20198. Dezember 20208. Dezember 2020
Windows 10, Version 180913. November 201812. Mai 202011. Mai 2021
Windows 10, Version 180330. April 201812. November 201910. November 2020
Windows 10, Version 170917. Oktober 20179. April 201914. April 2020
Windows 10, Version 17035. April 2017*9. Oktober 20188. Oktober 2019
Windows 10, Version 16072. August 201610. April 20189. April 2019
Windows 10, Version 151110. November 201510. Oktober 201710. Oktober 2017
Windows 10, veröffentlicht im Juli 2015 (Version 1507)29. Juli 20159. Mai 2017 9. Mai 2017
* Windows 10, Version 1703, für Enterprise-, Education- und IoT Enterprise-Editionen wurde am 11. April 2017 veröffentlicht. 
Hinweis: Nicht alle Features eines Updates funktionieren auf allen Geräten. Ein Gerät erhält möglicherweise keine Updates, wenn die Gerätehardware nicht kompatibel ist, aktuelle Treiber fehlen, nicht genügend Speicherplatz vorhanden oder der Support des Originalgeräteherstellers (Original Equipment Manufacturer, OEM) abgelaufen ist.  Weitere Informationen zur Kompatibilität finden Sie in den Windows 10-Systemanforderungen und den Windows-Prozessoranforderungen

Basic Authentication Retirement for legacy protocols in Exchange Online

Major update: Announcement started
Applied To: All customers
  Beginning October 13, 2020, we will retire Basic Authentication for EWS, EAS, IMAP, POP and RPS to access Exchange Online. Note: this change does not impact SMTP AUTH.

There are several actions that you and/or your users can take to avoid service disruptions on client applications, and we describe them below. If no action is taken, client applications using Basic Authentication for EWS will be retired on October 13, 2020.

Any application using OAuth 2.0 to connect to these protocols, will continue to work without change or interruption.

[What do I need to do to prepare for this change?]

You have several options on how to prepare for the retirement of Basic Authentication.   You can start updating the client applications your users are using to versions that support OAuth 2.0 today. For mobile device access, there are several email apps available that support Modern Authentication, but we recommend switching to the Outlook app for iOS and Android as we believe it provides the best overall experience for your M365 connected users. For desktop/laptop access, we encourage the use of the latest versions of Outlook for Windows and Outlook for Mac. All Outlook versions including, or newer than, Outlook 2013 fully support OAuth 2.0. If you have written your own code using these protocols, you will need to update your code to use OAuth 2.0 instead of Basic Authentication, you can reach out to us on stack overflow with the tag exchange-basicauth if you need some help.   If you or your users are using a 3rd party application, which uses these protocols, you will either need to   reach out to the 3rd party app developer who supplied this application to update it to support OAuth 2.0 authentication

-or- assist your users to switch to an application that’s built using OAuth 2.0.  
We are in the process of building reports that will help you identify any impacted users and client applications in your organization. We will make these reports available to you in the next few months and communicate their availability via a follow-up Message center post.

Please click Additional Information to learn more about this retirement.

Impact of Oracle to license JAVA as of February 2019 on ServerView Suite

Quelle: Fujitsu – Global Marketing – Product Marketing Server Team

The announcement of ORACLE to license JAVA as of February 2019 also influences some products of the ServerView Suite.

In order to provide these products to our customers also in the future without the need for license fees, Fujitsu is modifying these products so that they can use a Java royalty-free product.
The modification is based on HTML5 or OpenJDK (for details see the table below). This approach causes that customers, using the current ServerView products, will have to update to the
newest versions immediately after release (not later than end of January 2019).
Should an update not be possible or desirable, then these customers will have to start paying license fees for the usage of ORACLE Java. The prices depend on the usage of Java and are listed in the global
ORACLE pricelist.

Oracle Java Lizenzierung

Oracle hat in letzter Zeit eine Reihe von Ankündigungen über Java gemacht, und wie es für die Zukunft veröffentlicht, unterstützt und lizenziert werden soll.

Diese Änderungen lassen sich wie folgt zusammenfassen:

  • Ab Java 11 wird Oracle keine öffentlichen Updates mehr zur Verfügung stellen (also kein kostenloses Patchen).
  • Oracle Java- und OpenJDK-Versionen werden in einem 6-monatigen Rhythmus veröffentlicht und nur die neuesten Versionen erhalten Sicherheitspatches (außer LTS (Long Term Support) kommerzielle Versionen mit Supportvertrag).
  • Öffentliche Updates für Java 8 für die kommerzielle Nutzung sind ab dem 15. Januar 2019 nicht mehr verfügbar.
  • Vollständiger Support und Patches werden für Java 8 (mit Supportvertrag) bis März 2025 verfügbar sein.
  • Oracle Java-Lizenzen werden nun als Jahresabonnement und nicht mehr als unbefristete Lizenz mit Support verkauft.

Wie wird sich das auf Ihre Kunden auswirken?

Die meisten kommerziellen Unternehmen verwenden Java in der einen oder anderen Form. Dies kann sein, um Anwendungen zu unterstützen bei denen ein Java-Client auf dem Desktop läuft, oder eine Anwendung die auf einem Server läuft.

Jede Verwendung der Oracle-Version von Java (von Java.com bezogen) oder von einem ISV, benötigt eine Lizenz, wenn in Zukunft Patches installiert werden. Oder Sie haben ältere Versionen von Java gepatcht, nachdem die öffentlichen Updates zurückgezogen wurden (Da die öffentlichen Updates seit ihrer Einführung nur für die neuesten Versionen von Java verfügbar waren, erforderten die nach der Veröffentlichung der nächsten Version angewandten Patches einen Lizenz- und Supportvertrag). Mit Vorschriften wie GDPR, etc. werden Datensicherheitsanforderungen und damit Patchanforderungen sehr ernst genommen,so dass die meisten Kunden davon betroffen sind.

Möchten Sie mehr erfahren?

Die Java SE Support Roadmap von Oracle enthält Details zur Verfügbarkeit von Patches sowohl für Public Updates als auch für Premier Support, den Release-Zyklus für Versionen und welche Versionen dem Langzeit-Support unterliegen.


Die Roadmap finden Sie hier

Hier geht es zum Java Data Sheet

OracleJava SE Subscription FAQ