Microsoft Defender Antivirus now automatically protects against Exchange attacks

New update automatically mitigates a remote code execution vulnerability in Exchange

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

In an effort to further protect its customers' Exchange Servers,Microsofthas released a new security intelligence update that enables itsantivirus softwareto automatically mitigate cyberattacks that exploit the remote code execution vulnerability tracked asCVE-2021-26855.

Cybercriminals have been exploiting unpatched on-premises versions of Exchange Server 2013, 2016 and 2019 in a recent series of cyberattacks.

So far, Microsoft has released a comprehensivesecurity update, a one-click interimExchange On-Premises Mitigation Toolandstep-by-step guidanceto help organizations address these attacks.

Now though, the software giant has taken an additional step by configuringMicrosoft Defender Antivirusand System Center Endpoint Protection to automatically protect against attacks on vulnerable Exchange Servers. The only thing customers need to do is to ensure they have the latest security intelligence update installed if they don’t already have automatic updates turned on.

Automatic mitigation

While Microsoft has added additional protection to its antivirus andendpoint protection softwareto mitigate this growing threat, the company pointed out in a newblog postthat the Exchange security update is still the most comprehensive way to protect vulnerable servers from these attacks.

Additionally, organizations usingExchange Serverswill still need to install the security update even after this mitigation.

Microsoft’s interim mitigation is mainly designed to help protect customers while they take the time to implement the latest Exchange Cumulative Update for their version of Exchange.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

If you haven’t installed the latest security update for Exchange, now is the time to do so as cybercriminals have begun to exploit the zero-day vulnerabilities discovered in Microsoft Exchange email server to deliverransomwareto organizations running vulnerable versions of Exchange.

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Arcane season 2 finally gave us the huge Caitlyn and Vi moment we’ve been waiting for – and its creators say ‘we couldn’t have done it in season one’