This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
One of the prominent targets for hackers is Microsoft Exchange, and the attack vector typically involves a popular vulnerability which the organization hasn’t recently patched. A new solution by Microsoft aims at providing urgent protection after several attacks over the last year that used zero-days against on-site versions of Microsoft Exchange servers.
Microsoft has implemented a new Exchange Server capability that automatically implements interim mitigations to protect on-site systems against incoming cyberattacks, against high-risk (and probably regularly exploited) security vulnerabilities, and allows administrators to deploy security upgrades.
This update comes following a series of zero-day vulnerabilities detected in Microsoft Exchange, which was used to infiltrate servers by state-supported hacker organizations with no patch or mitigation information accessible for administrators.
Built on the Microsoft Emergency Exchange Mitigation (EM), which was launched in March to limit the attack surface, exposes the ProxyLogon vulnerabilities, the new Exchange Server component, suitable for the Microsoft exchange Emergency Mitigation (EM) service. EM is operating on Exchange Mailbox servers as a Windows service.
After implementing the September 2021 (or later) CU on Exchange Server 2016 or Exchange Server 2019 it will be installed automatically on servers having the Mail Box role. It detects Exchange Servers
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: Latest Microsoft Exchange Server Feature Mitigates High-Risk Bugs