Microsoft continues to take steps to address vulnerabilities utilized by the recent attacks on its Exchange Server software. The company released emergency fixes on March 2 and released a one-click mitigation tool to reduce the risk of an attack on vulnerable servers. Now, Microsoft has updated Microsoft Defender to address a vulnerability.
Microsoft Defender Antivirus and System Center Endpoint Protection will now automatically mitigate one issue on vulnerable Exchange Servers. Microsoft outlines the step in a security blog post (via ZDNet):
Today, we have taken an additional step to further support our customers who are still vulnerable and have not yet implemented the complete security update. With the latest security intelligence update, Microsoft Defender Antivirus and System Center Endpoint Protection will automatically mitigate CVE-2021-26855 on any vulnerable Exchange Server on which it is deployed. Customers do not need to take action beyond ensuring they have installed the latest security intelligence update (build 1.333.747.0 or newer), if they do not already have automatic updates turned on.
Specifically, Microsoft Defender automatically mitigates CVE-2021-26855, which is a severe vulnerability. It is one of four vulnerabilities related to the attack on Exchange servers.
Microsoft emphasizes that the Exchange security update is a better way to protect servers:
The Exchange security update is still the most comprehensive way to protect your servers from these attacks and others fixed in earlier releases. This interim mitigation is designed to help protect customers while they take the time to implement the latest Exchange Cumulative Update for their version of Exchange.
Recent reports state that threat actors are increasing their attacks on vulnerable servers. People who manage servers should check to see if their systems have been affected and take appropriate action to address any issues.
Xbox Game Pass is getting dual-screen support on Surface Duo
Microsoft has rolled out an update to the Xbox Game Pass Beta app that adds support for dual-screen devices like the Surface Duo. Games with dedicated touchscreen controls are supported, and it brings to life the dream of having a portable Xbox console in your pocket.