After several days insisting on the urgency to patch your Microsoft Exchange servers Following the discovery of an Exchange vulnerability that has led to its hacking in thousands of companies and institutions, the Redmond have decided to make it even easier for IT administrators to shield their systems against these attacks. For it has launched a tool with which one click is enough to mitigate attacks on Microsoft Exchange.
The release of this tool comes after a few days ago, on March 2, it released emergency patches to protect servers that had Microsoft Exchange. Despite this, the company estimates that there are at least still more than 82,000 servers that are not patched and that, therefore, they remain vulnerable to attack. In addition, it had launched a script so that administrators could see if their servers contained indicators of having been compromised and be related to Exchange vulnerabilities. Apart from security updates for versions of Exchange Server that were not already supported.
But despite this, Microsoft realized, after talking with customers and partners, that it was necessary «an automated, simple and easy-to-use solution that meets the needs of customers using local versions of Exchange Server, both current and no longer supported«. This is how the Microsoft Exchange On-premises Mitigation Tool has arrived.
The tool can be run on Exchange servers and includes Microsoft Safety Scanneras well as a URL rewriting function for vulnerability CVE-2021-26855, which can lead to Remote Code Execution (RCE) attacks, if exploited.
This is designed to help customers who may not have a dedicated security area or IT staff on hand to help mitigate attacks and troubleshoot the issue. With it they will be able to do it, and also, according to Microsoft, it has been tested and works on Exchange Server 2013, 2016 and 2019.
Of course, it must be borne in mind that the tool is not an alternative to patching, but a means to mitigate the risk of attack until an update is applied and the server is patched, something that the company suggests should be done as soon as possible. , and that “This tool is not a substitute for the Exchange security update, but it is the simplest and fastest way to mitigate the highest risks of on-premises and Internet-connected Exchange servers prior to patching«.
–
