Microsoft has issued an update to fix a year 2022 bug in MS Exchange that has been causing on-premises Exchange servers to stop delivering emails. The bug is present in on-premises Exchange Server 2016 and Exchange Server 2019 and causes emails to be stuck in transport queues.
At midnight on New Year’s Eve, on-premises Exchange servers stopped delivering emails, which remained in a queue to be delivered. Exchange Server logs displayed an error message due to the failure of the FIP-FS antivirus scanning engine to load. The bug was due to Exchange checking the version of the FIP-FS AV engine and attempting to store the data in a signed int32 variable.
The problem is the variable has a maximum value – 2,147,483,647 – which is less than the value of January 1, 2022 – 2,201,010,001 – which resulted in the antivirus engine crashing, which meant emails got stuck in transport queues and were not being delivered.
The fix issued by Microsoft is a temporary measure that solves the problem, and a permanent fix will be delivered in a later update. The issue was temporarily corrected using a PowerShell script (Reset-ScanEngineVersion.ps1) which stops the Microsoft Filtering Management and Microsoft Exchange Transport services, then deletes the old AV engine files, downloads a new AV engine, and then restarts the two stopped services.
Exchange admins have two options for solving the problem. They can either download and execute the PowerShell script from https://aka.ms/ResetScanEngineVersion or alternatively, it is possible to fix the issue manually by removing the existing AV engine and metadata, then updating to the latest version of the AV engine and then verifying the UpdateVersion information to ensure the correct version is installed. Microsoft has provided step-by-step instructions in a January 1, 2022 blog post.