Microsoft Released A New One-Click Mitigation Tool

Microsoft Exchange On-Premises Mitigation Tool is specifically helpful for people who do not have dedicated security teams to apply the security updates. 

Recently, Microsoft released a new, one-click mitigation tool, "Microsoft Exchange On-Premises Mitigation Tool" to help people who do not have dedicated security or IT teams to apply the security updates. 

Microsoft said that it has tested this tool across Exchange Server 2013, 2016, and 2019 deployments. Microsoft Exchange On-Premises Mitigation Tool is designed as an interim mitigation for clients who are unfamiliar with the patch/update process.

Well, by downloading and running this one-click mitigation tool, which includes the latest Microsoft Safety Scanner, you will automatically mitigate CVE-2021-26855 on any Exchange server on which it is deployed. Though, it is not a replacement for the Exchange security update but is the fastest and simplest way to mitigate the highest risks to internet-connected, on-premises Exchange Servers prior to patching.

Source: Microsoft

Microsoft said that if you are already using Microsoft Safety Scanner, it is still live and the company recommends keeping this running as it can be used to help with additional mitigations.    

Also please note that this tool is temporary mitigation until your Exchange servers can be fully updated. Microsoft recommends this script over the previous ExchangeMitigations.ps1 script as it is tuned based on the latest threat intelligence. Microsoft Exchange On-Premises Mitigation Tool is a recommended approach for Exchange deployments with Internet access and for users who want to attempt automated remediation.

For additional details, you can visit the official announcement here.