{"id":1985,"date":"2023-06-16T09:01:21","date_gmt":"2023-06-16T00:01:21","guid":{"rendered":"https:\/\/m365jp.xyz\/?p=1985"},"modified":"2023-06-16T09:06:57","modified_gmt":"2023-06-16T00:06:57","slug":"mc590144-microsoft-purview-information-protection-moving-to-aes256-cbc-mode-for-encryption-of-email-and-office-files","status":"publish","type":"post","link":"https:\/\/m365jp.net\/index.php\/2023-06-16-mc590144-microsoft-purview-information-protection-moving-to-aes256-cbc-mode-for-encryption-of-email-and-office-files","title":{"rendered":"MC590144 | Microsoft Purview Information Protection moving to AES256-CBC mode for encryption of email and Office files."},"content":{"rendered":"<div class=\"postie-post\">\n<div>\n<hr>\n<table id=\"section\">\n<tbody>\n<tr>\n<th width=\"95%\">MC590144 | Microsoft Purview Information Protection moving to AES256-CBC mode for encryption of email and Office files.<\/th>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr>\n<table id=\"data\">\n<tbody>\n<tr>\n<th>Classification<\/th>\n<td>stayInformed<\/td>\n<\/tr>\n<tr>\n<th>Last Updated<\/th>\n<td>06\/15\/2023 23:12:49<\/td>\n<\/tr>\n<tr>\n<th>Start Time<\/th>\n<td>06\/15\/2023 23:12:28<\/td>\n<\/tr>\n<tr>\n<th>End Time<\/th>\n<td>10\/31\/2023 07:00:00<\/td>\n<\/tr>\n<tr>\n<th>Message Content<\/th>\n<td>\n<p>Microsoft Purview Information Protection will begin to use Advanced Encryption Standard (AES) with 256-bit key length in Cipher Block Chaining mode (AES256-CBC) by default for encryption of Office documents and emails. If your organization is part of any   of the four groups listed in this post, you must take action to update or opt out of this change.  <\/p>\n<p>You can read about this on our <a href=\"https:\/\/aka.ms\/Purview\/CBCBlog\" target=\"_blank\" rel=\"noopener\">  Tech Community blog post<\/a> and learn more in our <a href=\"https:\/\/aka.ms\/Purview\/CBCDetails\" target=\"_blank\" rel=\"noopener\">  documentation<\/a>.<\/p>\n<p>This message is associated with Microsoft 365 Roadmap ID <a href=\"https:\/\/www.microsoft.com\/microsoft-365\/roadmap?filters=&amp;searchterms=117576\" target=\"_blank\" rel=\"noopener\">  117576<\/a><\/p>\n<p>[When this will happen:]<\/p>\n<p>We will begin rolling out late August 2023 and expect to complete by late September 2023.  <\/p>\n<p>[How this will affect your organization:]<\/p>\n<p>Today, Microsoft Purview Information Protection uses AES128 in electronic codebook mode (AES128-ECB) for protecting Office files and emails. Starting in late August 2023, we will begin to roll out changes to the default, moving to AES256-CBC for files and   emails.  <\/p>\n<p>This change to the default encryption algorithm will roll out to:   <\/p>\n<ul>\n<li>Microsoft 365 Apps on Current Channel and Monthly-Enterprise Channel.   <\/li>\n<li>SharePoint Online  <\/li>\n<li>Exchange Online and Office 365 Message Encryption  <\/li>\n<li>Azure Information Protection Classify and Protect 2.17 and later  <\/li>\n<li>Azure Information Protection PowerShell Module 2.17 and later   <\/li>\n<li>Microsoft Purview Information Protection Scanner 2.17 and later  <\/li>\n<\/ul>\n<p>When complete, each of these services will generate encrypted files and emails using AES256-CBC. Consumption of AES256-CBC protected files and emails is fully supported across all supported Office clients, and AIP 2.16 or later.&nbsp;<\/p>\n<p>Any applications integrated with Microsoft Information Protection SDK 1.13 or later will support consumption of AES256-CBC protected content.<\/p>\n<p>[What you need to do to prepare:]<\/p>\n<p>The four impacted groups are organizations:  <\/p>\n<p>1. Using Microsoft 365 Apps with Exchange Server, or Exchange Server in Hybrid mode.  <\/p>\n<p>2. With custom line-of-business (LOB) or third-party applications capable of decrypting protected Office files.  <\/p>\n<p>3. Using Office Perpetual versions like Office 2019, Office 2019, and Office 2021\/LTSC.  <\/p>\n<p>4. Using the Azure Information Protection Viewer, PowerShell, or Scanner.<\/p>\n<p>Members of these groups must act prior to late August 2023. Failure to opt out of the AES256-CBC change or to install the Exchange Server patch will result in Exchange Server failing to decrypt protected emails for delivery to mobile devices, Outlook for   Mac, and both Exchange Server eDiscovery and journaling. For full details, please review the Microsoft Tech Community Blog post:  <a href=\"https:\/\/aka.ms\/Purview\/CBCBlog\" target=\"_blank\" rel=\"noopener\">https:\/\/aka.ms\/Purview\/CBCBlog<\/a>&nbsp;  <\/p>\n<p>Organizations using Microsoft 365 Apps with Microsoft 365 Services will transition over to protection and consumption of Office documents in CBC mode with no admin intervention.&nbsp;<\/p>\n<\/td>\n<\/tr>\n<tr>\n<th>Machine Translation<\/th>\n<td>\n<p>Microsoft Purview \u60c5\u5831\u4fdd\u8b77\u306f\u3001Office \u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u3068\u96fb\u5b50\u30e1\u30fc\u30eb\u306e\u6697\u53f7\u5316\u306b\u65e2\u5b9a\u3067\u3001\u6697\u53f7\u30d6\u30ed\u30c3\u30af\u30c1\u30a7\u30fc\u30f3 \u30e2\u30fc\u30c9 (AES256-CBC) \u3067 256 \u30d3\u30c3\u30c8\u306e\u30ad\u30fc\u9577\u3092\u6301\u3064\u9ad8\u5ea6\u6697\u53f7\u5316\u6a19\u6e96 (AES) \u306e\u4f7f\u7528\u3092\u958b\u59cb\u3057\u307e\u3059\u3002\u7d44\u7e54\u304c\u3053\u306e\u6295\u7a3f\u306b\u8a18\u8f09\u3055\u308c\u3066\u3044\u308b4\u3064\u306e\u30b0\u30eb\u30fc\u30d7\u306e\u3044\u305a\u308c\u304b\u306b\u5c5e\u3057\u3066\u3044\u308b\u5834\u5408\u306f\u3001\u3053\u306e\u5909\u66f4\u3092\u66f4\u65b0\u307e\u305f\u306f\u30aa\u30d7\u30c8\u30a2\u30a6\u30c8\u3059\u308b\u305f\u3081\u306e\u30a2\u30af\u30b7\u30e7\u30f3\u3092\u5b9f\u884c\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002  <\/p>\n<p>\u3053\u308c\u306b\u3064\u3044\u3066\u306f\u3001<a href=\"https:\/\/aka.ms\/Purview\/CBCBlog\" target=\"_blank\" rel=\"noopener\">\u6280\u8853\u30b3\u30df\u30e5\u30cb\u30c6\u30a3\u306e\u30d6\u30ed\u30b0\u6295\u7a3f<\/a>\u3092\u8aad\u307f\u3001\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u3067\u8a73\u7d30<a href=\"https:\/\/aka.ms\/Purview\/CBCDetails\" target=\"_blank\" rel=\"noopener\">\u3092\u78ba\u8a8d\u3067\u304d\u307e\u3059\u3002<\/a><\/p>\n<p>\u3053\u306e\u30e1\u30c3\u30bb\u30fc\u30b8\u306f\u3001Microsoft 365 \u30ed\u30fc\u30c9\u30de\u30c3\u30d7 ID <a href=\"https:\/\/www.microsoft.com\/microsoft-365\/roadmap?filters=&amp;searchterms=117576\" target=\"_blank\" rel=\"noopener\">  \u306b\u95a2\u9023\u4ed8\u3051\u3089\u308c\u3066\u3044\u307e\u3059117576<\/a><\/p>\n<p>[\u3053\u308c\u304c\u8d77\u3053\u308b\u3068\u304d:]<\/p>\n<p>2023 \u5e74 8 \u6708\u4e0b\u65ec\u306b\u30ed\u30fc\u30eb\u30a2\u30a6\u30c8\u3092\u958b\u59cb\u3057\u30012023 \u5e74 9 \u6708\u4e0b\u65ec\u307e\u3067\u306b\u5b8c\u4e86\u3059\u308b\u4e88\u5b9a\u3067\u3059\u3002  <\/p>\n<p>[\u3053\u308c\u304c\u7d44\u7e54\u306b\u4e0e\u3048\u308b\u5f71\u97ff:]<\/p>\n<p>\u73fe\u5728\u3001Microsoft Purview Information Protection \u306f\u3001Office \u30d5\u30a1\u30a4\u30eb\u3068\u96fb\u5b50\u30e1\u30fc\u30eb\u3092\u4fdd\u8b77\u3059\u308b\u305f\u3081\u306b\u3001\u96fb\u5b50\u30b3\u30fc\u30c9\u30d6\u30c3\u30af \u30e2\u30fc\u30c9 (AES128-ECB) \u306e AES128 \u3092\u4f7f\u7528\u3057\u3066\u3044\u307e\u3059\u30022023 \u5e74 8 \u6708\u4e0b\u65ec\u304b\u3089\u3001\u30c7\u30d5\u30a9\u30eb\u30c8\u306e\u5909\u66f4\u306e\u30ed\u30fc\u30eb\u30a2\u30a6\u30c8\u3092\u958b\u59cb\u3057\u3001\u30d5\u30a1\u30a4\u30eb\u3068\u30e1\u30fc\u30eb\u3092 AES256-CBC \u306b\u79fb\u884c\u3057\u307e\u3059\u3002  <\/p>\n<p>\u30c7\u30d5\u30a9\u30eb\u30c8\u306e\u6697\u53f7\u5316\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u306b\u5bfe\u3059\u308b\u3053\u306e\u5909\u66f4\u306f\u3001\u6b21\u306e\u3088\u3046\u306b\u5c55\u958b\u3055\u308c\u307e\u3059\u3002<\/p>\n<ul>\n<li>\u73fe\u5728\u306e\u30c1\u30e3\u30cd\u30eb\u3068\u6708\u6b21\u30a8\u30f3\u30bf\u30fc\u30d7\u30e9\u30a4\u30ba \u30c1\u30e3\u30cd\u30eb\u306e Microsoft 365 \u30a2\u30d7\u30ea\u3002<\/li>\n<li>SharePoint Online<\/li>\n<li>Exchange Online \u304a\u3088\u3073 Office 365 \u30e1\u30c3\u30bb\u30fc\u30b8\u306e\u6697\u53f7\u5316<\/li>\n<li>Azure Information Protection Classify and Protect 2.17 \u4ee5\u964d<\/li>\n<li>Azure Information Protection PowerShell Module 2.17 \u4ee5\u964d<\/li>\n<li>\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u60c5\u5831\u4fdd\u8b77\u30b9\u30ad\u30e3\u30ca\u30fc 2.17 \u4ee5\u964d<\/li>\n<\/ul>\n<p>\u5b8c\u4e86\u3059\u308b\u3068\u3001\u3053\u308c\u3089\u306e\u5404\u30b5\u30fc\u30d3\u30b9\u306fAES256-CBC\u3092\u4f7f\u7528\u3057\u3066\u6697\u53f7\u5316\u3055\u308c\u305f\u30d5\u30a1\u30a4\u30eb\u3068\u96fb\u5b50\u30e1\u30fc\u30eb\u3092\u751f\u6210\u3057\u307e\u3059\u3002AES256-CBC \u3067\u4fdd\u8b77\u3055\u308c\u305f\u30d5\u30a1\u30a4\u30eb\u3068\u96fb\u5b50\u30e1\u30fc\u30eb\u306e\u4f7f\u7528\u306f\u3001\u30b5\u30dd\u30fc\u30c8\u3055\u308c\u3066\u3044\u308b\u3059\u3079\u3066\u306e Office \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3068 AIP 2.16 \u4ee5\u964d\u3067\u5b8c\u5168\u306b\u30b5\u30dd\u30fc\u30c8\u3055\u308c\u3066\u3044\u307e\u3059\u3002&nbsp;<\/p>\n<p>Microsoft \u60c5\u5831\u4fdd\u8b77 SDK 1.13 \u4ee5\u964d\u3068\u7d71\u5408\u3055\u308c\u305f\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306f\u3001AES256-CBC \u3067\u4fdd\u8b77\u3055\u308c\u305f\u30b3\u30f3\u30c6\u30f3\u30c4\u306e\u4f7f\u7528\u3092\u30b5\u30dd\u30fc\u30c8\u3057\u307e\u3059\u3002<\/p>\n<p>[\u6e96\u5099\u3059\u308b\u305f\u3081\u306b\u5fc5\u8981\u306a\u3053\u3068:]<\/p>\n<p>\u5f71\u97ff\u3092\u53d7\u3051\u308b 4 \u3064\u306e\u30b0\u30eb\u30fc\u30d7\u306f\u7d44\u7e54\u3067\u3059\u3002<\/p>\n<p>1. Exchange Server \u3067\u306e Microsoft 365 Apps\u3001\u307e\u305f\u306f\u30cf\u30a4\u30d6\u30ea\u30c3\u30c9 \u30e2\u30fc\u30c9\u3067\u306e Exchange Server \u306e\u4f7f\u7528\u3002<\/p>\n<p>2. \u4fdd\u8b77\u3055\u308c\u305f Office \u30d5\u30a1\u30a4\u30eb\u306e\u6697\u53f7\u5316\u3092\u89e3\u9664\u3067\u304d\u308b\u30ab\u30b9\u30bf\u30e0\u57fa\u5e79\u696d\u52d9 (LOB) \u307e\u305f\u306f\u30b5\u30fc\u30c9 \u30d1\u30fc\u30c6\u30a3\u88fd\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u4f7f\u7528\u3057\u307e\u3059\u3002<\/p>\n<p>3. Office 2019\u3001Office 2019\u3001Office 2021\/LTSC \u306a\u3069\u306e\u6c38\u7d9a\u7684\u306a\u30d0\u30fc\u30b8\u30e7\u30f3\u306e Office \u3092\u4f7f\u7528\u3059\u308b\u3002<\/p>\n<p>4. Azure Information Protection \u30d3\u30e5\u30fc\u30a2\u30fc\u3001PowerShell\u3001\u307e\u305f\u306f\u30b9\u30ad\u30e3\u30ca\u30fc\u3092\u4f7f\u7528\u3059\u308b\u3002<\/p>\n<p>\u3053\u308c\u3089\u306e\u30b0\u30eb\u30fc\u30d7\u306e\u30e1\u30f3\u30d0\u30fc\u306f\u30012023\u5e748\u6708\u4e0b\u65ec\u3088\u308a\u524d\u306b\u884c\u52d5\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002AES256-CBC \u306e\u5909\u66f4\u3092\u30aa\u30d7\u30c8\u30a2\u30a6\u30c8\u3057\u306a\u3044\u3001\u307e\u305f\u306f Exchange Server \u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u306a\u3044\u3068\u3001\u30e2\u30d0\u30a4\u30eb \u30c7\u30d0\u30a4\u30b9\u3001Outlook for Mac\u3001\u304a\u3088\u3073 Exchange Server \u306e\u96fb\u5b50\u60c5\u5831\u958b\u793a\u3068\u30b8\u30e3\u30fc\u30ca\u30ea\u30f3\u30b0\u306e\u4e21\u65b9\u306b\u914d\u4fe1\u3059\u308b\u305f\u3081\u306b\u3001\u4fdd\u8b77\u3055\u308c\u305f\u96fb\u5b50\u30e1\u30fc\u30eb\u306e\u89e3\u8aad\u306b\u5931\u6557\u3057\u307e\u3059\u3002\u8a73\u7d30\u306b\u3064\u3044\u3066\u306f\u3001\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8 \u30c6\u30c3\u30af \u30b3\u30df\u30e5\u30cb\u30c6\u30a3 \u30d6\u30ed\u30b0\u306e\u6295\u7a3f\u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002  <a href=\"https:\/\/aka.ms\/Purview\/CBCBlog\" target=\"_blank\" rel=\"noopener\">https:\/\/aka.ms\/Purview\/CBCBlog<\/a>&nbsp;  <\/p>\n<p>Microsoft 365 \u30b5\u30fc\u30d3\u30b9\u3068 Microsoft 365 \u30a2\u30d7\u30ea\u3092\u4f7f\u7528\u3057\u3066\u3044\u308b\u7d44\u7e54\u306f\u3001\u7ba1\u7406\u8005\u306e\u4ecb\u5165\u306a\u3057\u306b\u3001CBC \u30e2\u30fc\u30c9\u3067\u306e Office \u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306e\u4fdd\u8b77\u3068\u4f7f\u7528\u306b\u79fb\u884c\u3057\u307e\u3059\u3002&nbsp;<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>MC590144 | Microsoft Purview Information Protection moving to AES256-CBC mode for encryption of email and Offi [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1985","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/1985","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/comments?post=1985"}],"version-history":[{"count":0,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/1985\/revisions"}],"wp:attachment":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/media?parent=1985"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/categories?post=1985"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/tags?post=1985"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}