Menu
Microsoft releases interim mitigation tool for Exchange vulnerability

Microsoft releases interim mitigation tool for Exchange vulnerability

Mitigates the CVE-2021-26855 vulnerability.

Credit: Supplied

Microsoft has released an interim mitigation tool to automatically mitigate one vulnerability in the attack chain associated with the zero-day Exchange Server exploits the vendor disclosed earlier this month

The Exchange On-premises Mitigation Tool, or EOMT, aims to protect and mitigate against CVE-2021-26855 on Exchange servers prior to patching and was designed for those who are either unfamiliar with the updating process or have not applied the update yet. 

The tool has been tested on the 2013, 2016 and 2019 versions of Exchange Server and works by using a URL Rewrite configuration to mitigate against known attacks using CVE-2021-26855. 

It then scans the Exchange Server with Microsoft Safety Scanner and attempts to reverse changes made by identified threats. 

While not intended to be a replacement for Exchange security updates, the tool, which was published on GitHub, is considered by Microsoft to be the “fastest and easiest way to mitigate the highest risks” for internet connected, on-premises Exchange Server before patches are applied. 

The new tool came out of the vendor working with customers through its customer support teams, third-party hosters and partner network, with Microsoft coming to the conclusion there was a need for an automated solution for both current and out-of-support versions of on-premises Exchange Server. 

This comes more than a week after Microsoft released an updated script that scanned Exchange log files for indicators of compromise (IOCs). The vendor recommended that the new tool be used over the previous script, as it is based on the latest threat intelligence. 

Microsoft flagged the attack chain on 2 March, when it released security updates for Exchange Server to protect users against vulnerabilities in on-premises versions of the software, with the China-based state-sponsored actor Hafnium flagged as the primary group behind exploits targeting the flaws at the time. 


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Microsoft

Events

Why experience is the new battleground for partners

Join us for an exclusive webinar, in association with Hewlett Packard Enterprise and Technology Services Industry Association (TSIA) and learn about the latest industry insights and how technology services continue to evolve to deliver differentiated value, and how partners can be successful in 2021 and beyond.

Featured

Slideshows

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

The leading female front runners of the New Zealand ICT industry joined together for the annual Reseller News Women in ICT Awards event at the Hilton in Auckland, during which hundreds of guests celebrated 13 outstanding individuals who won awards, chosen from more than 50 finalists representing over 30 organisations.

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards
Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

More than 500 channel leaders gathered in Auckland on 21 October at the ​Reseller News Innovation Awards ​2020 to celebrate the achievements of the New Zealand technology industry's top partners, start-ups, vendors, distributors and individuals.

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners
Show Comments