![]() It identifies and proactively deals with threats found in the scan.Finally, it runs the Microsoft Safety Scanner in "Quick Scan" mode, even if the Exchange Server is a patched version.If it finds the Exchange Server to be vulnerable, it pulls down the URL rewrite tool for IIS and applies the configuration only if the Exchange Server is vulnerable, mitigating CVE-2021-26855.The tool checks your Exchange Server to see if it is a vulnerable, or unpatched, Exchange Server version.It performs the following steps on your on-premises Exchange Server: The EOMT tool is a PowerShell script that brings together these various functions and tasks in a single script. This certainly helps SMBs and even small environments that may find managing and patching Exchange Server to be challenging. With the new tool, Microsoft is helping to consolidate the necessary tasks in an automated fashion to ensure the mitigating actions are introduced correctly and with little room for error. The EOMT is a fully automated "one-click" approach to configuring the recommended mitigations for the zero-day vulnerabilities and also scans Exchange Server with the Microsoft Safety Scanner. What is the EOMT? How do businesses use it to ensure their unpatched Exchange Servers have the mitigations in place to protect against this latest threat to on-premises Exchange Server hosts? EOMT Microsoft now recommends the EOMT over the previously released PowerShell scripts to put the mitigations in place. This culminated with the release of the Exchange On-Premises Mitigation Tool (EOMT). With this being the case, Microsoft has been steadily releasing PowerShell scripts to help put mitigations in place against the vulnerabilities until the servers can be properly patched. Microsoft realizes the conundrum that many businesses are finding with the current zero-day patches and the challenge of patching their on-premises Exchange Servers. However, there may be organizations that have little or no on-site IT staff, or companies that do not have a maintenance window for a period of time. ![]() The current recommendation from Microsoft is that organizations update their on-premises Exchange Servers as quickly as possible as they have released updates that mitigate the vulnerabilities as part of the above CVEs. The CVS score for this vulnerability is CVSS 7.8. The attacker could authenticate by exploiting the CVE-2021-26855 SSRF vulnerability or by compromising a legitimate admin's credentials.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |