Microsoft Defender Antivirus will now automatically mitigate on-premises Exchange Server vulnerabilities

Despite Microsoft’s efforts, there are still thousands of on-premise Exchange Servers which are unpatched and vulnerable to being exploited by hackers for data theft and ransomware attacks.

So far Microsoft has released a comprehensive Security Update, a one-click interim Exchange On-Premises Mitigation Tool for both current and out-of-support versions of on-premises Exchange Servers, and step-by-step guidance to help address these attacks.

Now the company has taken an additional step to further protect companies who are still vulnerable and have not yet implemented the complete security update.

The latest version of Microsoft Defender Antivirus and System Center Endpoint Protection, with the latest security intelligence update, will now automatically mitigate CVE-2021-26855 on any vulnerable Exchange Server on which it is deployed. Customers do not need to take action beyond ensuring they have installed the latest security intelligence update (build 1.333.747.0 or newer), if they do not already have automatic updates turned on.

The move is not a replacement for patching but will protect servers until patches can be put in place.  Microsoft is posting further guidance at aka.ms/exchangevulns.

Read more at Microsoft here.