Microsoft Defender Will Automatically Prevent Exchange Server Exploits

SHARE THIS ARTICLE

REACH US

GENERAL INQUIRY

[email protected]

ADVERTISING

[email protected]

PRESS RELEASE

[email protected]

HOTLINE

+673 222-0178 [Office Hour]

+673 223-6740 [Fax]

Upcoming Events

Prayer Times

The prayer times for Brunei-Muara and Temburong districts. For Tutong add 1 minute and for Belait add 3 minutes.

Imsak	: 05:01 AM
Subuh	: 05:11 AM
Syuruk	: 06:29 AM
Doha	: 06:51 AM
Zohor	: 12:32 PM
Asar	: 03:44 PM
Maghrib	: 06:32 PM
Isyak	: 07:42 PM

The Business Directory

Security & Privacy

Home > Security & Privacy

Microsoft Defender Will Automatically Prevent Exchange Server Exploits

helen89 via Getty Images

March 21st, 2021 | 22:33 PM | 810 views

ENGADGET.COM

A security update for Defender will mitigate CVE-2021-26855 on vulnerable Exchange servers.

Microsoft has been rolling out one security measure after another ever since it discovered that bad actors have been exploiting four zero—day flaws in Exchange Server. Its latest step is updating the Microsoft Defender Antivirus so that it automatically mitigates CVE-2021-26855, which is the most critical vulnerability among the four. Since it serves as the entry point to be able to exploit the three other flaws, preventing perpetrators from being able to take advantage of it takes priority. Customers don't need to do anything for Defender to start protecting their servers from attackers — that is, other than installing the latest security intelligence update if they don't have automatic updates turned on.

The tech giant warns, however, that this is just an interim mitigation meant to protect customers while they're in the midst of implementing the comprehensive security update for Exchange it released earlier this month. While the original patches could be a bit complicated to deploy, Microsoft has also released a "one-click" mitigation tool for small companies that's relatively easier use. The tool can mitigate against known attacks that exploit CEV-2021-26855, scan Exchange servers and attempt to reverse any changes made by the threats it identifies.

When Microsoft announced the patches for the Exchange vulnerabilities, it said most of the attacks that exploited the flaws were carried out by a Chinese state-sponsored group called Hafnium. It's believed that the group infiltrated at least 30,000 organizations in the US, including police departments, hospitals, government agencies, banks and credit unions. Other groups may have also exploited the vulnerabilities, though, including the ransomware gang that's reportedly holing Acer data hostage for $50 million.

Source:
courtesy of ENGADGET

by Mariella Moon

If you have any stories or news that you would like to share with the global online community, please feel free to share it with us by contacting us directly at [email protected]