Blog

You are currently viewing Microsoft Defender Will Now Automatically Break The Attack Chain In Exchange Server Exploits

Microsoft Defender Will Now Automatically Break The Attack Chain In Exchange Server Exploits

  • Post author:
  • Post category:Uncategorized
  • Post comments:0 Comments

Microsoft Defender: For the past couple of weeks, news about on-premises Exchange Servers being under attack from state-sponsored groups; as well as other malicious actors have been making the rounds. Since then, Microsoft has released multiple patches; tools; and guidance to aid customers in protecting their server instances. Now, the firm is enabling Microsoft Defender Antivirus to automatically mitigate some of these vulnerabilities.

 

Customers who have Microsoft Defender Antivirus build 1.333.747.0 or later installed do not have to do anything; but they will automatically be protected against CVE-2021-26855 on Exchange server instances where they are deployed. As explained by Microsoft earlier this month, this particular vulnerability is a “server-side request forgery (SSRF) vulnerability in Exchange; which allowed the attacker to send arbitrary HTTP requests and authenticate as the Exchange server”.

Also Read:
– Microsoft Teams Will Soon Allow Users To Lock Meetings, Set Breakout Room Timers
– Nokia Partners With Microsoft To Integrate Cloud RAN With Azure
– Google Says Microsoft Is Sabotaging Its Efforts To support Journalism

That said, Microsoft has emphasized that the optimal method to secure yourself against the recent exploits is still to install the patches that the company has issued. This is just a temporary workaround which breaks the attack chain so customers can protect themselves partially as they apply cumulative updates.

 

The firm has also highlighted that the automatic mitigation will be deployed once per machine and that customers who don’t have Defender Antivirus installed should instead use the one-click mitigation tool. It is important to note that Exchange Online is not affected by these vulnerabilities and exploits.

 

 

For your daily dose of tech, lifestyle, and trending content, make sure to follow Plat4om on Twitter @Plat4omLive, on Instagram @Plat4om, on LinkedIn at Plat4om, and on Facebook at Plat4om. You can also email us at info@techtalkwithtdafrica.com and join our channel on Telegram at Plat4om. Finally, don’t forget to subscribe to our YouTube channel HERE.

Tags: , ,

Leave a Reply