Microsoft is in the process of controlling the damage after it was revealed that cybercriminals had compromised their Exchange Server. Already, it has released many patches to fix the gaps. Earlier this week, the company relaunched Microsoft Defender Antivirus to prevent serious threats.
The company said the upgrade would block CVE-2021-26855, which is one of four problems used for cyber attacks.
According to the Engadget report, CVE-2021-26855 acts as an entry point. Therefore, its ban could make it difficult for cyber criminals to access other threats. Microsoft has noted that its customers do not need to do more than make sure that they install the latest version of the spyware update (create 1.333.747.0 or newer) if automatic updates are not allowed.
“Exchange security updates are still the most comprehensive way to protect your servers from these and other attacks that have been fixed in previous releases. These temporary reductions are designed to help protect customers while taking the time to use the latest Exchange Cumulative Update for their Exchange version, ”the company said in a post.
Prior to the update to Defender Antivirus, Microsoft introduced a one-click reduction tool for smaller companies. The tool is very easy to install for companies, especially those that do not have dedicated IT security teams.
According to Microsoft, the mitigation tool will help reduce CVE-2021-26855 on any Exchange server installed. Microsoft has warned that this tool is not a substitute for Exchange Security but rather as a quick and easy way to reduce risk for platform companies.
Microsoft earlier this month revealed that cybercriminals are using threats to Microsoft Exchange servers to target organizations around the world. According to a CheckPoint report, the US suffered 17% more attacks followed by Germany (6%) and the UK (5%). Indian firms have also been attacked by criminals who exploit the Exchange Server. It said government-sponsored hackers used a lot to be at risk. The $ 50 million ransomware lawsuit against Acer, however, suggests that other hacker groups are also using it.