TTCSIRT- 391.03.17.21: TTCSIRT ADVISORY- MICROSOFT RELEASES EXCHANGE ON-PREMISES MITIGATION TOOL
Microsoft has released the Exchange On-premises Mitigation Tool (EOMT.ps1) that can automate portions of both the detection and patching process. Microsoft stated the following along with the release: “[the tool is intended] to help customers who do not have dedicated security or IT teams to apply these security updates.
The United States of America’s Cybersecurity and Infrastructure Agency (CISA) have tested this tool across Exchange Server 2013, 2016, and 2019 deployments. This new tool is designed as an interim mitigation for customers who are unfamiliar with the patch/update process or who have not yet applied the on-premises Exchange security update.”
The Trinidad and Tobago Cyber Security Incident Response Team supports CISA’s decision to encourage users and administrators to review the following resources for more information.
- Microsoft’s EOMT.ps1 blog post (https://msrc-blog.microsoft.com/2021/03/15/one-click-microsoft-exchange-on-premises-mitigation-tool-march-2021/)
- Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities (https://us-cert.cisa.gov/ncas/alerts/aa21-062a)
- CISA’s Remediating Microsoft Exchange Vulnerabilities web page (https://us-cert.cisa.gov/remediating-microsoft-exchange-vulnerabilities)