Microsoft has issued some customer guidance as it investigates (yes, more) reported vulnerabilities in Microsoft Exchange Server, affecting the 2013, 2016, and 2019 versions of the software. The move follows discussion online about whether two new Exchange zero-days are really new vulnerabilities, or just new exploits for known vulnerabilities. The company says it "is aware of limited targeted attacks using the two vulnerabilities to get into users’ systems."

Microsoft is working on an accelerated timeline to release a fix. In the meantime it's providing mitigations and detection guidance.

So, let’s start with the most important part: What should you do if you’re tasked with administering an Exchange Server? Microsoft Exchange Online Customers do not need to take any action.

Microsoft has adapted the mitigation advice it provided originally to block attacks on these vulnerabilities, because it was too easy to circumvent. The most significant change is the recommendation for Exchange Server customers to disable remote PowerShell access for non-admin users in your organization. Guidance on how to do this for a single user or multiple users is here. Microsoft also removed the option to block the ports that are used for Remote PowerShell, but doesn't mention this in the updates section. Some experts are promoting a more effective string to use in the Request Blocking instructions as shown under points 7 and 8 below.

The change is minimal, but should be a significant improvement.