Microsoft Defender Antivirus now automatically protects against Exchange attacks

News
By Anthony Spadafora
published

New update automatically mitigates a remote code execution vulnerability in Exchange

Antivirus Software
(Image credit: Shutterstock)

In an effort to further protect its customers' Exchange Servers, Microsoft has released a new security intelligence update that enables its antivirus software to automatically mitigate cyberattacks that exploit the remote code execution vulnerability tracked as CVE-2021-26855.

Cybercriminals have been exploiting unpatched on-premises versions of Exchange Server 2013, 2016 and 2019 in a recent series of cyberattacks. 

So far, Microsoft has released a comprehensive security update, a one-click interim Exchange On-Premises Mitigation Tool and step-by-step guidance to help organizations address these attacks.

Now though, the software giant has taken an additional step by configuring Microsoft Defender Antivirus and System Center Endpoint Protection to automatically protect against attacks on vulnerable Exchange Servers. The only thing customers need to do is to ensure they have the latest security intelligence update installed if they don't already have automatic updates turned on.

Automatic mitigation

While Microsoft has added additional protection to its antivirus and endpoint protection software to mitigate this growing threat, the company pointed out in a new blog post that the Exchange security update is still the most comprehensive way to protect vulnerable servers from these attacks.

Additionally, organizations using Exchange Servers will still need to install the security update even after this mitigation.

Microsoft's interim mitigation is mainly designed to help protect customers while they take the time to implement the latest Exchange Cumulative Update for their version of Exchange.

If you haven't installed the latest security update for Exchange, now is the time to do so as cybercriminals have begun to exploit the zero-day vulnerabilities discovered in Microsoft Exchange email server to deliver ransomware to organizations running vulnerable versions of Exchange. 

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.