The Microsoft team is working on a vulnerability, CVE-2021-26855 found in Exchange Servers. The software giant first released a patch addressing the vulnerability, then the Microsoft 365 Defender Team announced the release of Exchange On-Premises Mitigation Tool, as a part of Microsoft Defend Antivirus.
After its efforts, the Microsoft Security Response team shared the latest situation in a tweet about the Exchange Server updates:
- 92% of worldwide Exchange IPs are now patched or mitigated.
- 43% improvement worldwide in the last week.
On the other hand, F-Secure experts stated that Exchange servers being hacked and administrators should check for breaches. Antti Laatikainen, senior security consultant, F-Secure, said,
“Tens of thousands of servers have been hacked around the world. They’re being hacked faster than we can count. Globally, this is a disaster in the making.
Never in the past 20 years that I’ve been in the industry, has it been as justified to assume that there has been at least a digital knock at the door for every business in the world with Exchange installed. Because access is so easy, you can assume that majority of these environments have been breached.”