Microsoft patching vulnerable exchange servers; 92% patched

Microsoft is working on the on-premises Exchange Server updates after discovering the vulnerabilities that are rounding it off. The company has initiated the patchwork on the releases for Exchange Server 2013, Server 2016, and Server 2019 after acknowledging the vulnerabilities that were targeted by the attackers.

The tech giant has rolled out an update for the Microsoft Deference Antivirus to prevent the vulnerabilities that will block the CVE-2021-26855 automatically and others. Microsoft has also rolled out mitigation tools for the users.

The new security update is to protect the servers from any type of attacks. The mitigation will also help in keeping customer data safe and secure as implemented in the Exchange Cumulative Update.

The Exchange Server vulnerabilities were targeting the 32 Indian organisations that include the banking and financial sectors that faced around 28% of the hacks. This was followed up with 16% in the government and military sector, 12.5% in the manufacturing industry, and 28% in the insurance and legal domain.

This might leave lasting damage even after the mitigation and patch tools. The company will remove the access of the attackers.

The Microsoft 365 Defender Threat Intelligence Team said that the systems were compromised but they have not yet received a secondary action that makes it possible that the attackers are keeping it for later action.