What you need to know
- Microsoft Exchange has had a very long 2021, between state-sponsored hack attacks and self-inflicted credential leaks.
- Microsoft is now making moves to mitigate issues and prevent problems so that Exchange may have a low-key rest of 2021 and better 2022.
Recently, Microsoft Exchange found itself in the hot seat thanks to its Autodiscover protocol's improper implementation resulting in the leak of nearly 100,000 Windows credentials. Though the company appeared to implement one temporary safety measure to mitigate the issue, it also unveiled another that will hopefully be less of a Band-Aid and more of a fix.
Basic Authentication is being permanently disabled in Exchange Online, starting October 1, 2022. While the blog post announcing this news doesn't directly acknowledge the leaks, the two events happening in such close proximity may raise eyebrows, given that the move by Microsoft counters one of the issues Exchange has been having.
Microsoft has also introduced a new Exchange Server service (via BleepingComputer). The Microsoft Exchange Emergency Mitigation tool will automatically apply Microsoft-administered mitigations for active security issues. This should result in less of the process requiring manual attention and, by extension, help prevent avoidable situations.
The Microsoft Exchange Emergency Mitigation tool arrives months after the late 2020, early 2021 kerfuffle surrounding Microsoft Exchange that involved reports of state-sponsored Chinese hackers extracting data for secret AI projects. Exchange was at the center of the drama, which received major attention from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) at the situation's peak.
In summary, Exchange and its various extensions are working to become less easy targets for threat actors. Whether these efforts will prevent another rocky year remains to be seen. Keep it posted to Windows Central for all updates regarding the good, the bad, and the Exchange.
