In an effort to further protect its customers' Exchange Servers, Microsoft has released a new security intelligence update that enables its antivirus software to automatically mitigate cyberattacks that exploit the remote code execution vulnerability tracked as CVE-2021-26855.
Cybercriminals have been exploiting unpatched on-premises versions of Exchange Server 2013, 2016 and 2019 in a recent series of cyberattacks.
- We've built a list of the best endpoint protection software around
- Keep your devices virus free with the best malware removal software
- These are the best ransomware protection solutions on the market
Now though, the software giant has taken an additional step by configuring Microsoft Defender Antivirus and System Center Endpoint Protection to automatically protect against attacks on vulnerable Exchange Servers. The only thing customers need to do is to ensure they have the latest security intelligence update installed if they don't already have automatic updates turned on.
While Microsoft has added additional protection to its antivirus and endpoint protection software to mitigate this growing threat, the company pointed out in a new blog post that the Exchange security update is still the most comprehensive way to protect vulnerable servers from these attacks.
Additionally, organizations using Exchange Servers will still need to install the security update even after this mitigation.
Microsoft's interim mitigation is mainly designed to help protect customers while they take the time to implement the latest Exchange Cumulative Update for their version of Exchange.
If you haven't installed the latest security update for Exchange, now is the time to do so as cybercriminals have begun to exploit the zero-day vulnerabilities discovered in Microsoft Exchange email server to deliver ransomware to organizations running vulnerable versions of Exchange.
- We've also rounded up the best email services