Tool created to aid cleanup from Microsoft hack in broad use
Microsoft's one-click tool helps businesses protect themselves from further compromise
After a global hack of Microsoft email server software, the software has been downloaded more than 25,000 times since it was released last week, the White House’s National Security Council said Monday. As a result, the number of vulnerable systems has fallen by 45%, according to an NSC spokesperson.
The tool was created to protect against cyberattacks and to scan systems for compromises and fix them. It was developed after a massive hack affecting an estimated tens of thousands of users of servers running Microsoft’s Exchange email program.
The breach was discovered in early January and was attributed to Chinese cyber spies targeting U.S. policy think tanks. Then in late February, five days before Microsoft Corp. issued a patch on March 2, there was an explosion of infiltrations by other intruders, piggybacking on the initial breach.
The White House earlier this month described the hack as an “active threat” that was being addressed by senior national security officials. The administration’s response is being led by deputy national security adviser Anne Neuberger, who convened government officials and private sector experts to brainstorm solutions, particularly given that smaller businesses often lack resources to counter cyber attacks and to clean up after hacks. The administration pressed Microsoft to come up with a more simplified and streamlined fix and to track the number of compromised systems.
Since the release of the tool, the number of vulnerable systems in the United States has fallen to fewer than 10,000 from at least 120,000 at the peak. Many of the remaining vulnerable systems are tied to small businesses but not limited to any one sector.
While Microsoft has taken considerable heat for being the provider of software that elite hackers have exploited, Charles Carmakal, senior vice president and chief technical officer of prominent cybersecurity firm FireEye, said that Microsoft deserves credit for working hard to help people who run its software defend themselves.
He cited, especially, the downloadable turnkey script that people can use to apply patches and see if their systems have been compromised.
“The level of effort that they put into this to help companies defend themselves is terrific,” he said. “It’s a tough situation that organizations are in with the vulnerability in general.”
This article was written by Eric Tucker and published in the Associated Press website at https://apnews.com/article/business-national-security-hacking-email-software-7fb10922446b9f06afd68397ee38782d
Associated Press writer Frank Bajak in Boston contributed to this report.
Follow Eric Tucker on Twitter at http://www.twitter.com/etuckerAP.
More from the author
Windows 11 available October 5
The new Windows 11 operating system will be available October 5th as a free upgrade, or pre-loaded on new hardware.
CISA shares guidance on how to prevent ransomware data breaches
"Ransomware is a serious and increasing threat to all government and private sector rganizations, including critical infrastructure organizations. All organizations are at risk of falling victim to a ransomware incident and are responsible for protecting sensitive and personal data stored on their systems."
Windows 11 brings refinement to the right-click menu
With the release of Windows 11 this October, Microsoft is refining its popular right-click menu. While most folks could never get through their day without “right clicking”, the menu has grown (unregulated) for 20 years. Read on if you’re curious for a look...
How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare
This week, PrintNightmare - Microsoft's Print Spooler vulnerability was upgraded from 'Low' to 'Critical'. Here's what you need to know and how to mitigate your risk.
Microsoft’s new Fluid Office is bringing documents to life
The biggest change to Microsoft’s Office in decades is coming to life as employees return to their offices and the new hybrid work experience takes hold.