![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – Apache OpenMeetings denial of service
March 16, 2021![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Alert – FIN8 Returns With Improved BADHATCH Toolkit
March 16, 2021![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – Apache OpenMeetings denial of service
March 16, 2021![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Alert – FIN8 Returns With Improved BADHATCH Toolkit
March 16, 2021Severity
High
Analysis Summary
Microsoft has come up with a release of a one-click mitigation tool help businesses from the zero-day attacks against on-prem Exchange Servers. By downloading and running this tool, which includes the latest Microsoft Safety Scanner, customers will automatically mitigate CVE-2021-26855 on any Exchange server on which it is deployed. This tool is not a replacement for the Exchange security update but is the fastest and easiest way to mitigate the highest risks to internet-connected, on-premises Exchange Servers prior to patching.
![image-28-1024x523.png](https://msrc-blog.microsoft.com/wp-content/uploads/2021/03/image-28-1024x523.png)
The EOMT tool nce run, the Run EOMT.ps1 tool will perform three operations:
- Mitigate against current known attacks using CVE-2021-26855 using a URL Rewrite configuration.
- Scan the Exchange Server using the Microsoft Safety Scanner.
- Attempt to reverse any changes made by identified threats.
Affected Products
Microsoft Exchange Server
Remediation
Microsoft recommends following
- Download the EOMT tool.
- Run it on Exchange servers immediately.
- Follow the more detailed guidance here to ensure that your on-premises Exchange is protected.