[ad_1]
Microsoft Defender now automatically mitigates security vulnerabilities in Exchange Server because Microsoft has added an automatic mitigation tool in Antivirus to address critical vulnerabilities in Exchange Server.
Microsoft has deployed security measures since it discovered bad actors were exploiting four flaws in Exchange Server.
Its latest move is to update Microsoft Defender to automatically mitigate CVE-2021-26855, the most severe of the four vulnerabilities.
Since they act as an entry point to be able to exploit the other three loopholes, preventing the culprits from being able to take advantage of them is a priority.
And customers don’t have to do anything for Microsoft Defender to start protecting servers from attackers.
According to the company, Microsoft Defender automatically determines if the server is vulnerable and applies a mitigation patch once per device.
However, the software giant warns that this is only a temporary relief to protect customers when implementing the Extended Security Update for Exchange Server released earlier this month.
Microsoft has also released a relatively easy-to-use one-click mitigation tool for small businesses designed to reduce the risk of exploitation by vulnerable servers before applying full patches.
The tool can mitigate known attacks that exploit CEV-2021-26855, scan Exchange Server, and attempt to reverse changes made by threats it identifies.
And when Microsoft announced fixes for security vulnerabilities in Exchange Server, it said: Most of the attacks that exploited the vulnerabilities were carried out by a state-sponsored Chinese group called Hafnium.
The group has reportedly infiltrated at least 30,000 organizations in the United States, including police departments, hospitals, government agencies, banks and credit unions.
Other groups may have exploited the vulnerabilities as well, including the ransomware gang that allegedly hijacked Acer’s data hostage for $ 50 million.
Source link