Microsoft has taken an important new step to help customers protect themselves against the “Hafnium” Exchange vulnerability with the release of a new one-click mitigation tool. This follows the release of a previous update for its Exchange Server platform aimed at patching four critical vulnerabilities that have been exploited by hackers.
This new Mitigation Tool has been designed for customers who don't have dedicated security or IT teams to apply these on-premises Exchange security updates. "This tool is not a replacement for the Exchange security update but is the fastest and easiest way to mitigate the highest risks to internet-connected, on-premises Exchange Servers prior to patching,” the company explained.
The Microsoft Security Response Center team has tested its new one-click mitigation tool across Exchange Server 2013, 2016, and 2019 deployments. "The Exchange On-premises Mitigation Tool is effective against the attacks we have seen so far, but is not guaranteed to mitigate all possible future attack techniques," the MSRC team said. The tool is available download from this page, and additional resources are available on this GitHub page.
Microsoft takes these attacks against on-premises Exchange servers very seriously, and the company believed that what began as a "nation-state attack" has evolved into something exploited by other criminal organizations using the vulnerabilities for new ransomware attacks. "This is now what we consider a broad attack, and the severity of these exploits means protecting your systems is critical," the Microsoft Security team emphasized.