
close
close
To say the HAFNIUM has caused a bit of pandemonium the past week or so is a bit of an understatement. The 0-day vulnerability is being actively used by nefarious individuals and groups to access sensitive data.
One of the many problems, aside from the last remaining Exchange server running inside many organizations, is that patching your infrastructure is not always a simple task. If you don’t have a dedicated security or IT team at your disposal (something that is a frequent occurrence in smaller companies), patching Exchange can be a significant challenge and result in downtime.
advertisment
Image Credit: Microsoft
Announced today, Microsoft has released a ‘one-click’ tool that is able to patch Exchange Server 2013, 2016, and 2019 deployments. The company says that this tool is designed as an interim mitigation solution but does not fully replace the previously released patch for these systems.
This tool also includes Microsoft Safety Scanner and once you run the application, it will perform the following actions:
The company says that before running the tool, it’s important to understand that this patch is only effective against attacks that the company has seen so far and it is not guaranteed to protect against future attacks. They also recommend this tool over the previously released ExchangeMitigations.ps1. Further, if you have already started using the other script, you can migrate to this new tool without any issues.
While it’s unfortunate that HAFNIUM has existed in the first place, at least now there is a tool that is going to help the smaller organizations that may not have the resources need to patch their environment.
advertisment
More from Brad Sams
advertisment
Petri Newsletters
Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.
advertisment
More in Exchange Server
Microsoft to Ship Some Exchange Server Security Updates in .EXE Packages
May 11, 2022 | Rabia Noureen
M365 Changelog: Exchange Transport Rule Report moving to the new Exchange Admin Center (EAC) from the Security and Compliance Center
Apr 22, 2022 | Petri Staff
M365 Changelog: (Updated) Change to mailbox forwarding behavior coming to Exchange Online
Apr 21, 2022 | Petri Staff
M365 Changelog: (Updated) Microsoft Defender for Office 365: Updates to URL Protection Report
Apr 21, 2022 | Petri Staff
Most popular on petri
Log in to save content to your profile.
Article saved!
Access saved content from your profile page. View Saved
Join The Conversation
Create a free account today to participate in forum conversations, comment on posts and more.
Copyright ©2019 BWW Media Group