NEW DELHI: In an effort to take control of the recent hack on its email servers, Microsoft’s anti-malware tool, Microsoft Defender, will automatically patch the Exchange Server. Defender Antivirus is included with Windows and acts as the first line of defence for PCs.
“With the latest security intelligence update, Microsoft Defender Antivirus and System Center Endpoint Protection will automatically mitigate CVE-2021-26855 on any vulnerable Exchange Server on which it is deployed,” the company said in a blog post.
Also Read | The invisible hand in India’s stock market
Security experts have noticed increased activity from Chinese hackers, Hafnium, since the hack was detected. While hackers scurry to exploit unpatched accounts, Microsoft’s new solution will patch the loopholes automatically just as long as the “latest security intelligence update” has been installed. The update to Defender Antivirus will be installed automatically if the feature is turned on. Look for build 1.333.747.0 or later if you’re downloading it manually.
Microsoft issued an emergency update on 2 March, when the hack was made public. However, as reported by Krebs on Security earlier, the company knew about the hack since January this year. Since the hack went public, multiple advanced persistent threat (APT) groups have tried to take advantage of the loophole, while reports say over 60,000 organizations have been compromised due to the hack so far.
The update to Microsoft Defender and Software Center Endpoint Protection reduces the amount of work IT teams have to do to ensure their organisations are protected. “This interim mitigation is designed to help protect customers while they take the time to implement the latest Exchange Cumulative Update for their version of Exchange,” the company said.
The security updates are included in the quarterly updates Microsoft issued for Exchange Server 2016 and 2019 on 17 March.