Microsoft
Earlier this month, Microsoft released a patch intended to fix breaches in Exchange Server, though this fix was challenging to apply for smaller organizations with less IT structure. The one-click executable released this week, however, should allow smaller firms to address potential breaches. Like any patch, though, this only fixes the current breaches being exploited by hackers, and won't address undiscovered problems.
With the scale of the exchange hack still unknown and hacks still ongoing, it's likely that we won't hear of how effective Microsoft's fixes were for some time, but even if the patch is successful, Microsoft is still far from out of the woods. Not only is the company under a great deal of scrutiny for its role in the hack, but it still hasn't identified how the hack happened in the first place.
Internal investigations are being run at the company, and so far, rumors have already circulated that the hack could have been the result of an inside job of sorts.
According to Microsoft, it is investigating the potential for proof-of-concept code that it had shared confidentially through the Active Protections Program to have been leaked by an insider. The company discovered that some of the programs used as part of the hack have some similarities with the tools shared as part of the MAPP. Microsoft is, of course, keeping the details of its investigation under wraps, due to the potential to accidentally release critical information while it is still responding to ongoing hacks.
The Exchange hack, as well as the previous SolarWinds hack, have prompted a federal review of compromised agencies.
"The compromised agencies all were tasked to do a particular set of activities and then were tasked to have an independent review of their work to ensure that we felt confident the adversary had been eradicated. Most of the agencies have completed that independent review. For those who have not yet, they will complete it by the end of March," a White House official said.
- https://www.engadget.com/microsoft-releases-a-one-click-patch-for-its-critical-exchange-vulnerability-090242055.html?guccounter=1&guce_referrer=aHR0cHM6Ly9uZXdzLmdvb2dsZS5jb20v&guce_referrer_sig=AQAAAM0qnBUzTcZbs0ntq-2mUHGQ2Vorvsx9fcvBE28dnfjbnBgrPlFA7-6O6kuNoWKQ_bpEyg6IpkDvIyVMlp357NJKjxniL7A8do68vrg26udfKXJomR-9aI_b5d_ezCslwSKmrUfu8rZfwmvaSAYNVh82AxlCaUWxrqit7Bv6DZo0
- https://www.zdnet.com/article/microsoft-releases-one-click-mitigation-tool-for-exchange-server-hacks/
- https://www.techradar.com/news/microsoft-launches-one-click-tool-to-solve-exchange-server-issues
- https://appleinsider.com/articles/21/03/15/microsoft-probing-if-exchange-attack-is-inside-job-feds-shoring-up-security
