Exchange 2010|Exchange 2013|Exchange 2016|Exchange 2019|Exchange Server

Microsoft Releases ‘One-Click’ HAFNIUM Mitigation Tool

To say the HAFNIUM has caused a bit of pandemonium the past week or so is a bit of an understatement. The 0-day vulnerability is being actively used by nefarious individuals and groups to access sensitive data.

One of the many problems, aside from the last remaining Exchange server running inside many organizations, is that patching your infrastructure is not always a simple task. If you don’t have a dedicated security or IT team at your disposal (something that is a frequent occurrence in smaller companies), patching Exchange can be a significant challenge and result in downtime.

Image #1 Expand

Image Credit: Microsoft

Announced today, Microsoft has released a ‘one-click’ tool that is able to patch Exchange Server 2013, 2016, and 2019 deployments. The company says that this tool is designed as an interim mitigation solution but does not fully replace the previously released patch for these systems.

This tool also includes Microsoft Safety Scanner and once you run the application, it will perform the following actions:

Sponsored Content

Read the Best Personal and Business Tech without Ads

Staying updated on what is happening in the technology sector is important to your career and your personal life but ads can make reading news, distracting. With Thurrott Premium, you can enjoy the best coverage in tech without the annoying ads.

  • Mitigate against current known attacks using CVE-2021-26855 using a URL Rewrite configuration.
  • Scan the Exchange Server using the Microsoft Safety Scanner.
  • Attempt to reverse any changes made by identified threats.

The company says that before running the tool, it’s important to understand that this patch is only effective against attacks that the company has seen so far and it is not guaranteed to protect against future attacks. They also recommend this tool over the previously released ExchangeMitigations.ps1. Further, if you have already started using the other script, you can migrate to this new tool without any issues.

While it’s unfortunate that HAFNIUM has existed in the first place, at least now there is a tool that is going to help the smaller organizations that may not have the resources need to patch their environment.

Download: Microsoft Exchange On-Premises Mitigation Tool

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (0)

Leave a Reply

Brad Sams has more than a decade of writing and publishing experience under his belt including helping to establish new and seasoned publications From breaking news about upcoming Microsoft products to telling the story of how a billion dollar brand was birthed in his book, Beneath a Surface, Brad is a well-rounded journalist who has established himself as a trusted name in the industry.

Download this eBook!

External Sharing and Guest User Access in Microsoft 365 and Teams

his eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure. The eBook will also outline some of the major decision points across four general-purpose guest access policy scenarios for how an organization can set this up with standard licensing.

Download Now

Sponsored By