Microsoft has automatically mitigated Exchange vulnerabilities through Defender Antivirus

Although Microsoft has issued multiple security bulletins, there are still many Microsoft Exchange Server that does not have the latest security updates installed.

Microsoft Exchange Server without security updates is extremely vulnerable to hacker attacks. Hackers can easily steal corporate secrets through the mail server and even invade the corporate intranet.

Many well-known companies or government agencies have been hacked because of their mail servers, but there are still many companies that do not know that they need to be repaired.

Microsoft has previously issued security updates and provided a variety of mitigation measures for enterprises to use, but some enterprises have not yet updated the patch, so Microsoft is still thinking of new methods.

In order to better help companies fix the vulnerability, Microsoft has taken new measures: automatic deployment of mitigation programs through Microsoft Defender anti-virus software.

That is, as long as the server is installed with the Microsoft Defender anti-virus software, it can be automatically mitigated, and there is no need for the enterprise administrator to manually deploy the solution provided by Microsoft.

What needs to be emphasized here is that it is not only the Microsoft Defender that can automatically mitigate, but the Microsoft series of security terminals as System Center Endpoint Protection will receive updates to deploy mitigation measures.

This software can automatically detect whether it is a vulnerable Exchange Server after receiving Microsoft’s patch. If it is detected as a vulnerable Exchange Server, the vulnerability can be temporarily solved.

The deployment of mitigation solutions will help improve the protection capabilities of the local mail server and can evade some attack methods used by attackers to improve security.

However, companies must install Microsoft Exchange Server security updates to completely solve the problem, so companies must schedule the installation of security updates.