Microsoft released a repair over the weekend to resolve an issue that caused email messages to become trapped on its Exchange Server platforms around the turn of the year, which it blamed on a date validation problem.
“The problem relates to a date check failure with the change of the new year and it [is] not a failure of the [antivirus] engine itself,” the company revealed in a blog post. “This is not an issue with malware scanning or the malware engine, and it is not a security-related issue. The version checking performed against the signature file is causing the malware engine to crash, resulting in messages being stuck in transport queues.”
The problem affected on-premises versions of Exchange Server 2016 and Exchange Server 2019, although Microsoft didn’t say how prevalent the problem was. As the year 2022 approached, the problem became more visible, leading the servers to stop delivering email messages and to display the following error message: “The FIP-FS ‘Microsoft’ Scan Engine failed to load. PID: 23092, Error Code: 0x80004005. Error Description: Can’t convert ‘2201010001’ to long.”
According to Microsoft, the problem was triggered by a date issue in a signature file used by the malware scanning engine in Exchange Server. To address the Y2K22 issue, Microsoft recommends that clients download “Reset-ScanEngineVersion.ps1,” a PowerShell-based scan engine reset script that may be run on each Exchange mailbox server that downloads antimalware upgrades. It’s worth noting that the upgrade also brings the engine’s version number up to 2112330001.
As per Microsoft, the newly improved scanning engine is fully supported. The scanning engine version was not rolled back; instead, it was moved forward into this new sequence, as we need to work on it in the long run. In this new sequence, the scanning engine will continue to receive updates.
