A new feature added to Microsoft Exchange Server makes it possible to automatically apply solutions for high-risk vulnerabilities. It is not even a “fault fixer”, but can be considered a tool that helps to reduce the impact of criminals trying to exploit possible loopholes.
- Microsoft warns of gang offering phishing on demand
- Microsoft investigates error in Gmail integration with Outlook
- Microsoft Office breach may be more dangerous than it seemed
The company founded by Bill Gates makes the new component months after reports that Microsoft Exchange zero-day vulnerabilities (those that were unknown during the software release) were exploited by cyber criminal groups, stealing company credentials and sensitive information.
The tool, called Microsoft Exchange Emergency Mitigation (EM), was developed based on the old Mitigation Tool available on the platform since March, designed to help users lessen the impact of attacks made to from the ProxyLogon failure set.
Want to catch up on the best tech news of the day? Go and subscribe to our new channel on youtube, Canaltech News.
Every day a summary of the main news in the tech world for you!
Microsoft Exchange Emergency Mitigation works by detecting which vulnerabilities can be abused on the server and applying solutions to mitigate possible attacks from them, until security updates that definitively fix these flaws are made available.
Microsoft Exchange Emergency Mitigation, after installed on a server, you can apply three types of temporary solutions:
- Solving HTTP requests: a rule that blocks certain patterns of HTTP connection requests that can compromise the server;
: disables a vulnerable service on the server;
: Disables a vulnerable application pool found on the Exchange server.
If network administrators prefer not to have workarounds automatically applied, Microsoft Exchange Emergency Mitigation can be disabled. In addition, individual patches can be managed by PowerShell and can be re-applied or even removed.
The Microsoft Exchange development team, in a statement to the BleepingComputer website, made it clear that it only intends to provide temporary solutions for the most severe failures, as the automatic application of these fixes can compromise the use of servers, hindering companies that make use of services available on Exchange.
Microsoft Exchange Emergency Mitigation will be available from September 2021, in the September Cumulative Update 2021 for Exchange Server 2019 and Exchange Server . Only servers with the Mailbox role will have access to the new component.
Source: BleepingComputer, Microsoft
Did you like this article?
Subscribe your email on Canaltech to receive daily updates with the latest news from the world of technology.