Following the discovery of Exchange server vulnerabilities, Microsoft had scrambled to release emergency patches. The initial patches were released for Exchange Server 2019, Server 2016, and Server 2013. The company acknowledged that the vulnerabilities were being used by cybercriminals for limited and targeted attacks.
Apart from patches, Microsoft also introduced a slew of mitigation tools. Just recently, it updated Microsoft Defender Antivirus to prevent critical vulnerabilities. Microsoft said the update would automatically block the CVE-2021-26855, one of the four vulnerabilities used for cyberattacks.
“The Exchange security update is still the most comprehensive way to protect your servers from these attacks and others fixed in earlier releases. This interim mitigation is designed to help protect customers while they take the time to implement the latest Exchange Cumulative Update for their version of Exchange,” the company had said.
According to reports, the Exchange server vulnerabilities were being used to target firms and organisations globally. Check Point Research said that a total of 32 firms in India were targeted. Researchers further revealed that the finance and the banking sector was the worst hit with 28% of the hacks followed by government and military (16%), manufacturing (12.5%), insurance and legal (9.5%). All other industries constituted the remaining 34%.
Despite the patches and mitigation tools, the Exchange server vulnerabilities may leave lasting damage. Microsoft has also acknowledged that patching a system does not necessarily remove the access of the attacker.
"Many of the compromised systems have not yet received a secondary action, such as human-operated ransomware attacks or data exfiltration, indicating attackers could be establishing and keeping their access for potential later actions," the Microsoft 365 Defender Threat Intelligence Team said in a post.
"exchange" - Google News
March 28, 2021 at 12:56PM
https://ift.tt/3rokbII
Microsoft says 92% of vulnerable Exchange servers patched, mitigated - HT Tech
"exchange" - Google News
https://ift.tt/3c55nbe
https://ift.tt/3b2gZKy
Exchange
Bagikan Berita Ini
0 Response to "Microsoft says 92% of vulnerable Exchange servers patched, mitigated - HT Tech"
Post a Comment