11.03.2021

Mitigation script for Exchange (ProxyLogon)

Protect your Exchange server from active attacks with this Powershell script from Microsoft.

Microsoft released a Powershell script which automates the immediate mitigation of the ProxyLogon (CVE-2021-26855) vulnerability for Exchange servers. NOTE: THIS DOES NOT PATCH THE VULNERABILITY! It only mitigates against active attacks. You still have to download appropriate patches and apply them to your Exchange servers. Simply run the script, it automatically verifies if your Exchange server is vulnerable, then applies URL rewrite mitigations to protect your server. Lastly it runs a Safety Scanner to determine if your Exchange Server has been compromised. Super easy to run, I have a demo in the video.

Microsoft’s GitHub: https://github.com/microsoft/CSS-Exchange/tree/main/Security

Script download link: https://github.com/microsoft/CSS-Exchange/releases/latest/download/EOMT.ps1

Why you need Managed Security Services?

Most networks are compromised as a result of the most common, textbook vulnerabilities. These are not sophisticated hacks requiring deep infiltration or complex exploit code. Most are exploited through “low hanging fruit” like:

Passwords
Legacy protocols
Lack of security policies

Contact us or call toll-free: 1-833-630-2888