![]() Your essential guide to New Zealand Vendors Your essential guide to New Zealand Distributors ![]() Microsoft flagged the attack chain on 2 March, when it released security updates for Exchange Server to protect users against vulnerabilities in on-premises versions of the software, with the China-based state-sponsored actor Hafnium flagged as the primary group behind exploits targeting the flaws at the time. The vendor recommended that the new tool be used over the previous script, as it is based on the latest threat intelligence. This comes more than a week after Microsoft released an updated script that scanned Exchange log files for indicators of compromise (IOCs). The new tool came out of the vendor working with customers through its customer support teams, third-party hosters and partner network, with Microsoft coming to the conclusion there was a need for an automated solution for both current and out-of-support versions of on-premises Exchange Server. While not intended to be a replacement for Exchange security updates, the tool, which was published on GitHub, is considered by Microsoft to be the “fastest and easiest way to mitigate the highest risks” for internet connected, on-premises Exchange Server before patches are applied. It then scans the Exchange Server with Microsoft Safety Scanner and attempts to reverse changes made by identified threats.
0 Comments
Leave a Reply. |