Microsoft’s one-click tool designed to close the Exchange security hole

Microsoft's one-click tool designed to close the Exchange security hole


No time yet?

Microsoft provides its customers with a one-click tool that automatically applies all required patches against the so-called hafnium exploits for Exchange Server since version 2010.

The second week of March 2021 was Microsoft Provided a powershell script, which could use Edmins to test their Exchange Server installations. The script combines commands already published by Microsoft that examine a server for traces left by a successful attack. Can script On github Downloaded

With the one-click tool now presented, Creator is now greatly simplifying the process of securing Exchange Server. It turned out that worldwide server admissions were immediately hesitant about the recommended patch. Obviously, Microsoft hopes to close security gaps more quickly through a process that is easier for the user.

One-click Microsoft Exchange on-premises mitigation tool. (Graphic: Microsoft)

It can actually be done by anyone. However, the most important requirement is that the user “One-click Microsoft Exchange on-premises mitigation tool” Has admin rights for the Exchange server in question.

Almost done!

Please click on the link in the confirmation email to complete your registration.

Would you like more information about the newspaper?
Find out more now

If this is the case, the tool takes care to install all patches automatically. Microsoft’s security scanner is then used. Checks the server for any malware infections that could have been initiated by hackers in the meantime. If necessary, it also tries to undo any changes made by the malware.

In all of this, the manufacturer clearly states that the device can only detect and make the attacks known to date. Apparently, Microsoft does not ensure that it has already identified all holes. In any case, a full version update of the affected server software should be available shortly.

On Tuesday, the Federal Office for Information Security (BSI) was also one security warning In which it provides detailed information on the dangers posed by hafnium feats. Officials continued to contact the operators of the server in distress.

Microsoft responds after 2 months of knowing and reducing exploitation of security holes

It wasn’t Microsoft until early March made publicAn alleged Chinese hacker group, which the manufacturer calls “hafnium”, had broken through four different vulnerabilities in Exchange servers worldwide. According to Microsoft’s findings, hackers are primarily interested in education, health care and defense in companies and institutions. According to the company’s knowledge, hackers acted against targets specifically and, above all, in the United States.

It quickly became apparent that Microsoft was mistaken with these assumptions. Experts like security expert Brian Krebs now believe this Exchange serverThose that were online between 26 February and 3 March were actually hacked. This means that when in doubt Thousands of people were affected.

Although microsoft does Latest since the beginning of january After learning about the exploits, it took two months for the company to distribute the patch. The extent of damage cannot currently be reliably assessed.

You might also be interested in that

More from Laurence Porter
NASA probe “Osiris-Rex” must continue research
space travel Apophis after Bennu: Space agency NASA’s probe “Osiris-Rex” is to...
Read More
Leave a comment

Your email address will not be published. Required fields are marked *