Header Ads

Breaking News

Microsoft Defender Update Will Work To Prevent Exchange Server Exploits



(Photo Illustration by Omar Marques/SOPA Images/LightRocket via Getty Images)

Microsoft is working to bolster its Defender Antivirus program in a bid to prevent new Exchange Server exploits.

According to Engadget, Microsoft has been releasing a variety of security updates ever since groups have been exploiting a series of flaws with Exchange Server.

The first step toward locking down any potential issues has been to update the program so that it will resolve any issues with the worst vulnerability among the four already identified: CVE-2021-26855. Bad actors would need to first get in via this exploit to access the other three.

Microsoft has made it clear that this is a stopgap measure that isn’t meant to completely resolve the issues brought on by the exploits, but it’s a simpler and more accessible way to help protect users who might be at risk. Microsoft has offered a “one-click mitigation tool” to help deploy the patch. It protects against a variety of attacks, including those like CVE-2021-26855, which can scan Exchange servers. The tool can also help lessen the damage or changes already made by the exploits.

Microsoft is taking action on these exploits after a recent attack on Taiwanese computer manufacturer Acer. Bleeping Computer reported that the REvil group had demanded a sum of $50 million in a ransomware attack on the company.

Acer didn’t release full details about the event, and shied away from referring to ransomware when speaking about it. Instead, the company stated it had “reported recent abnormal situations observed to the relevant law enforcement and data protection in authorities in multiple countries.”

It’s believed that the same exploit was used to carry out similar attacks, like those by a Chinese state-sponsored group called Hafnium. There are several groups believed to be using the same exploits for a series of other attacks as well.

Microsoft doesn’t yet have a permanent solution in place.

Source Link

No comments