Y22K? : Microsoft Exchange malware scanning can’t interpret 2022 dates; Emails undelivered
Reports are pouring in to Twitter of email traffic being frozen for many. Microsoft's Exchange server formats dates as YYMMDDHHMM, and then stores that number as a signed 32 bit Integer.
Since YY here changed from '21 to '22 overnight (Happy New Year, by the way!) - this means that the date format that Exchange uses exceeded the limit of a 32 bit signed Int.
Some warned us about this on New Years eve.
I don't know who else needs to know this, but an INT variable has limits..
— #HaydSays (@haydsays) January 1, 2022
Type int, which uses 32 bits giving it a range of -2147483648 to +2147483647, inclusive..
Today's date string ["YYMMDDHHMM"] is 2201010001, which is larger than that.
HAPPY NEW YEAR!
I found no more concise an explanation of this phenomenon with Microsoft Exchange than at this wonderful little blog post by rachelbythebay - Please read!
https://rachelbythebay.com/w/2022/01/01/baddate/
Some updates on Twitter indicate that it is the malware scanner that is unable to parse emails due to the 32 bit unsigned int date format
Dear @msexchangeteam. The FIP-FS “Microsoft” Scan Engine Failed to Load. Can’t Convert “2201010001” to long.
— long wtf = 2201010001; (@miketheitguy) January 1, 2022
Currently some people report that the workaround is to temporarily disable the malware scanner. However, this is assuming that your environment has other layers of protection and scanning for malware.
So if I disable the Anti Malware Engine I get mails but they may contain malware? Not sure, that‘s the better option.
— Oliver Regelmann (@regelmol) January 1, 2022