[ad_1]
Microsoft Exchange Server Local Mitigation Tool. Credit: Microsoft
In light of the plethora of cybercriminals who have attempted to attack on-premises, unpatched versions of Exchange Server 2013, 2016, and 2019, Microsoft has increased its support to customers and partners to protect their environments and respond to related incidents.
So far, the company has introduced a comprehensive security update, a detailed guide to help address these attacks, and a one-click interim Exchange on-premises mitigation tool for current and unsupported versions of on-premises Exchange servers. The Security Update implies the recommendation to begin the repair by updating any Exchange server connected or published on the Internet, since the attackers have been exploiting the HTTPS web access.
For customers who have not yet deployed this update and are therefore still at risk, Microsoft has released a Security Intelligence Update that includes Microsoft Defender Antivirus and System Center Endpoint Protection that will automatically defend against this threat, CVE-2021 -26855, on any affected vulnerable Exchange. Server. To enable this functionality, customers must enable automatic updates or simply install the latest security intelligence update 1.333.747.0.
In fact, this security update gives users time to deploy the latest cumulative update for Exchange for their version of Exchange. Additionally, Microsoft intends to collaborate with its security partners so that they can apply similar mitigations to their own products.
For Microsoft customers wondering if the default settings for automatic definition updates are sufficient to cover this change, just make sure to install Microsoft Defender Antivirus. At this point, the customer will be able to select and add the new discovery build 1.333.747.0 or higher.
That said, customers should ensure that security updates are an ongoing top priority for their Exchange Server, as many vulnerabilities can still emerge. Fortunately, in the meantime, however, Microsoft will automatically detect vulnerable installed Exchange servers and apply all mitigations as soon as the customer implements the security intelligence update. Every affected machine will receive this mitigation.
Furthermore, although cloud protection is not required to obtain this mitigation, such protection is always a useful security measure to protect company and user assets against all the dynamic cyber threats that exist. Therefore, Microsoft encourages customers to enable cloud protection for whatever type of cloud environment their business uses.
Finally, customers who do not yet have Microsoft Defender Antivirus can get started by downloading the Microsoft Exchange Local Mitigation Tool with one click and immediately running the tool on their Exchange servers. For those who already use Microsoft Safety Scanner, this tool and the mitigation tool can be used in unison.
New strain of ransomware exploits Microsoft Exchange security flaw
“Automatic Local Exchange Server Mitigation Now in Microsoft Defender Antivirus”. Microsoft Security, Microsoft, March 19, 2021, www.microsoft.com/security/blo… -defender-antivirus /
© 2021 Science X Network
Citation: Microsoft Defender Antivirus now offers automatic mitigation of local Exchange Server (2021, March 22), retrieved March 22, 2021 from https://techxplore.com/news/2021-03-microsoft-defender-antivirus-automatic-on -premises. html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or investigation, no part may be reproduced without written permission. The content is provided for informational purposes only.
[ad_2]
