Microsoft tool provides automated Exchange threat mitigation – Security

Nancy J. Delong

Microsoft has released a PowerShell script to help customers running its Exchange Server on-premises software quickly and easily mitigate an attack chain of vulnerabilities that is currently under heavy exploitation.

The Exchange On-Premises Mitigation Tool, or EOMT, is recommended over Microsoft's earlier ExchangeMitigations.ps1 script, and handles the CVE-2021-26855 vulnerability via a uniform resource locator (URL) rewrite configuration.

This, Microsoft said, mitigates against the known methods of exploiting the CVE-2021-26855 server-side request forgery authentication bypass vulnerability, which forms the first part of a four-stage attack chain that can lead to full system compromise.

On top of mitigating against CVE-2021-26855, EOMT is fully automated and downloads all the dependencies it requires.

EOMT also runs the Microsoft Safety Scanner to detect malware on affected Exchange Servers, and attempts to remediate compromises detected.

The tool requires PowerShell 3 or later, and Internet Information Services 7.5 or better.

Microsoft has tested EOMT on Exchange 2013, 2016 and 2019, without adverse effects found so far.

Exchange administrators are advised that EOMT should only be used as a temporary mitigation measure until their servers can be fully updated.

Exploitation of unpatched servers continues around the world with reports of ransomware being installed on them, along with webshells for data exfiltration.

Working together with Microsoft, security vendor RiskIQ tracked the Exchange patching progress, and said that on March 12, Australia had more than 2100 vulnerable servers. Worldwide the number is more than 80,000.
