The tech giant warns, however, that this is just an interim mitigation meant to protect customers while they’re in the midst of implementing the comprehensive security update for Exchange it released earlier this month. While the original patches could be a bit complicated to deploy, Microsoft has also released a “one-click” mitigation tool for small companies that’s relatively easier use. The tool can mitigate against known attacks that exploit CEV-2021-26855, scan Exchange servers and attempt to reverse any changes made by the threats it identifies.
When Microsoft announced the patches for the Exchange vulnerabilities, it said most of the attacks that exploited the flaws were carried out by a Chinese state-sponsored group called Hafnium. It’s believed that the group infiltrated at least 30,000 organizations in the US, including police departments, hospitals, government agencies, banks and credit unions. Other groups may have also exploited the vulnerabilities, though, including the ransomware gang that’s reportedly holing Acer data hostage for $50 million.