Microsoft Defender Antivirus Now Automatically Mitigates Exchange Server Vulnerabilities

Microsoft has implemented an automatic mitigation tool within Defender Antivirus to tackle critical vulnerabilities in Exchange Server.

On March 18, the Redmond giant said the software will automatically mitigate CVE-2021-26855, a severe vulnerability that is being actively exploited in the wild.

This vulnerability is one of four that can be used in a wider attack chain to compromise on-premises Exchange servers.

Microsoft released emergency fixes for the security flaws on March 2 and warned that a state-sponsored threat group called Hafnium was actively exploiting the bugs. Since then, tens of thousands of organizations are suspected to have been attacked.

At least 10 other advanced persistent threat (APT) groups have jumped on the opportunity that slow or fragmented patching has provided.

The implementation of a recent security intelligence update for Microsoft Defender Antivirus and System Center Endpoint Protection means that mitigations will be applied on vulnerable Exchange servers when the software is deployed, without any further input from users. 

According to the firm, Microsoft Defender Antivirus will automatically identify if a server is vulnerable and apply the mitigation fix once per machine. 

If automatic updates aren't turned on, it is recommended that users manually install the new update and make sure their software is upgraded to build 1.333.747.0 or newer. Cloud protection is not required to receive the mitigation fix, but the company recommends that this feature be enabled as a matter of best practice.
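The build check described above can be scripted on each Exchange server. The following is an added example, not code from Microsoft or from this article; it uses the `Get-MpComputerStatus` and `Get-MpPreference` cmdlets from the Defender PowerShell module, and the function name `Test-DefenderMitigationBuild` is a hypothetical helper.

```powershell
# Added example: confirm Defender security intelligence is at or above
# the build the article names, and report whether cloud protection is on.
$RequiredBuild = [version]'1.333.747.0'   # minimum build, taken from the article

function Test-DefenderMitigationBuild {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string] $SignatureVersion,
        [version] $Minimum = $RequiredBuild
    )
    # Cast to [version] so each field compares numerically. Compared as
    # strings, '1.333.99.0' would wrongly sort above '1.333.747.0'.
    return ([version]$SignatureVersion -ge $Minimum)
}

$status = Get-MpComputerStatus
$prefs  = Get-MpPreference

$report = [pscustomobject]@{
    ComputerName         = $env:COMPUTERNAME
    AntivirusEnabled     = $status.AntivirusEnabled
    SignatureVersion     = $status.AntivirusSignatureVersion
    SignatureLastUpdated = $status.AntivirusSignatureLastUpdated
    MeetsRequiredBuild   = Test-DefenderMitigationBuild $status.AntivirusSignatureVersion
    # MAPSReporting: 0 = disabled, 1 = basic, 2 = advanced
    CloudProtectionOn    = ($prefs.MAPSReporting -ne 0)
}
$report | Format-List

if (-not $report.AntivirusEnabled) {
    Write-Warning 'Defender Antivirus is not active; the automatic mitigation will not be applied.'
}
elseif (-not $report.MeetsRequiredBuild) {
    Write-Warning "Security intelligence $($report.SignatureVersion) is older than $RequiredBuild. Run Update-MpSignature."
}
if (-not $report.CloudProtectionOn) {
    Write-Warning 'Cloud protection is off. It is not required for the mitigation, but is recommended.'
}
```

A passing build check only shows the interim mitigation can be delivered; the server still needs the Exchange security update.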

Earlier this week, Microsoft released a one-click mitigation tool designed to reduce the risk of exploitation on vulnerable servers before full patches can be applied, and this update to the firm's antivirus software has been released under the same principle.

The mitigation tool is still readily available as an alternative way to mitigate risk to vulnerable servers if IT admins do not have Defender Antivirus. 

"The Exchange security update is still the most comprehensive way to protect your servers from these attacks and others fixed in earlier releases," Microsoft says. "This interim mitigation is designed to help protect customers while they take the time to implement the latest Exchange Cumulative Update for their version of Exchange."

On March 17, Microsoft launched its quarterly cumulative updates for Exchange Server 2016 and Exchange Server 2019, which also contain the security patches required to tackle the critical vulnerabilities.
