Skip to ContentSkip to Footer
IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
News

Microsoft releases one-click patch for Exchange vulnerability

The quick fix is aimed at small organisations that do not have dedicated IT teams

by: Zach Marzouk
16 Mar 2021
Microsoft sign on a building

Shutterstock

Microsoft has released a one-click patch, the Microsoft Exchange On-Premises Mitigation tool, to help customers apply new security updates in the face of the Exchange Server cyber attack.

This comes after the company released security updates in the wake of the attack, but these fixes were aimed predominantly at large organisations with dedicated IT teams who can handle complex deployments.

The tech giant stated that the one-click patch is aimed at customers who do not have dedicated security or IT teams to apply updates, who may be unfamiliar with the patch/update process or who have not yet applied the on-premises Exchange security update.

In the post, the company writes: “There was a need for a simple, easy to use, automated solution that would meet the needs of customers using both current and out-of-support versions of on-premises Exchange Server.”

Microsoft clarifies that the tool is not a replacement for the Exchange security update but is the fastest and easiest way to mitigate the highest risks to internet-connected, on-premises Exchange Servers prior to patching.

It also underlines that the new tool is effective against the attacks there have been seen so far but says it's not guaranteed to mitigate all possible future attack techniques.

In the UK, the National Cyber Security Centre (NCSC) has urged businesses to patch against the recently disclosed vulnerabilities in Exchange. It advised businesses to install the updates as a “matter of urgency”. An estimated 7,000 UK servers had been affected by the vulnerabilities, of which around half had already been secured.

Furthermore, ESET research found that Microsoft Exchange servers had been targeted by “at least ten hacker groups” and that they had managed to install backdoors on more than 5,000 servers in over 115 countries.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Microsoft says it's provided over $100 million in tech support to Ukrainian government
cyber attacks

Microsoft says it's provided over $100 million in tech support to Ukrainian government

20 May 2022
Microsoft to double salary budget to retain workers
Careers & training

Microsoft to double salary budget to retain workers

17 May 2022
Microsoft warns of new botnet variant targeting Windows and Linux systems
Security

Microsoft warns of new botnet variant targeting Windows and Linux systems

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Google Russia files for bankruptcy, ends operations in the country
Business operations

Google Russia files for bankruptcy, ends operations in the country

19 May 2022
Skip to HeaderSkip to Content