Microsoft releases tool to protect customers against server attack

Hit by multiple hacking on its business email servers, Microsoft has released a new, one-click mitigation tool to help customers who do not have dedicated security or IT teams to apply key security updates.

Called ‘Microsoft Exchange On-Premises Mitigation Tool’, the security feature has been tested across Exchange Server 2013, 2016, and 2019 deployments.

“This new tool is designed as an interim mitigation for customers who are unfamiliar with the patch/update process or who have not yet applied the on-premises Exchange security update,” the tech giant said in a statement late on Monday.

Reports have claimed that five different hacking groups (including China-backed hacking group called ‘Hafnium’) were attacking the business email servers of Microsoft.

Microsoft has already released an emergency patch for its Exchange Server product, the most popular mail server worldwide. All incoming and outgoing emails, calendar invitations and virtually anything accessed within Outlook goes through the Exchange server.

The company said that the new tool, which includes the latest Microsoft Safety Scanner, is not a replacement for the Exchange security update but is the fastest and easiest way to mitigate the highest risks to internet-connected, on-premises Exchange Servers prior to patching.

“We have been actively working with customers through our customer support teams, third-party hosters, and partner network to help them secure their environments and respond to associated threats from the recent Exchange Server on-premises attacks,” the company mentioned.

The company recommends that all customers who have not yet applied the on-premises Exchange security update must download this tool and run it on their Exchange servers immediately.

A Check Point Research said on Monday that at least 32 Indian organisations have been attacked by hackers who exploited vulnerabilities in unpatched Microsoft business email servers, adding that the finance and banking institutions have been hit the most in the country.

According to KrebsOnSecurity, at least 30,000 organisations across the US, including government and commercial firms, have been hacked by China-based threat actors who used Microsoft’s Exchange Server software to enter their networks.