Just before New Year’s Eve the day before yesterday, Microsoft Exchange users were affected by a 2022 bug that prevented the sending of emails. The 2022 date removed error in the FIP-FS anti-malware scanner caused the system to prompt the FIP-FS scanning process to fail to initialize.
This error caused many system administrators to stop New Year’s Eve celebrations abruptly, and Microsoft also did it during the holidays. No idle time, an official fix was released for this problem in just two days. Anyone who encounters the problem can apply the fix manually or use an automated script to handle the failure.
Microsoft said in its support forum post: We have created a solution to solve the problem of messages stuck in the transmission queue on Exchange Server 2016 and Exchange Server 2019 because the malware scanning engine in Exchange Server uses There is a potential date issue in the signature file. When the issue occurs, you will see errors in the application event log on the Exchange server, especially events 5300 and 1106 (FIPFS).
The company stated that users can visit https://aka.ms/ResetScanEngineVersion to apply a fix, or they can use a manual option instead.
Microsoft Explained.
Instead of using scripts, customers can also manually perform steps to solve the problem and restore service. To manually resolve this issue, you must perform the following steps on each Exchange server in your organization.
Delete existing engine and metadata
- Stop the Microsoft Filter Management Service. When you are prompted to stop the Microsoft Exchange Transport service at the same time, click “Yes”.
- Use Task Manager to make sure updateservice.exe is not running.
- Delete the following folder: %ProgramFiles%\Microsoft\Exchange Server\V15\FIP-FS\Data\Engines\ AMD 64\Microsoft.
- Remove all files in the following folder: %ProgramFiles%\MicrosoftExchange Server\V15\FIP-FS\Data\Engines\met ADATA.
Update to the latest engine
- Start the Microsoft Filter Management Service and Microsoft Exchange Transport Service.
- Open the Exchange management shell, navigate to the Scripts folder (%ProgramFiles%\Microsoft\Exchange Server\V15\Scripts), and run Update-MalwareFilteringServer.ps1 <server FQDN>.
Verification engine update information
- In the Exchange Management Shell, run Add-PSSnapin Microsoft.Forefront.Filtering.Management.Powershell.
- Run Get-EngineUpdateInformation and verify that the UpdateVersion information is 2112330001.
After updating the engine, it is also recommended to verify whether the mail flow is normal and whether there are FIPFS error events in the application event log.