Security News > 2023 > February > Microsoft Exchange admins advised to expand antivirus scanning
After having stressed the importance of keeping Exchange servers updated last month, Microsoft is advising administrators to widen the scope of antivirus scanning on those servers.
Microsoft Exchange servers in attackers' crosshairs.
Cyber attackers love to target Microsoft Exchange servers, often via zero-day vulnerabilities , but also via known ones.
Microsoft Exchange servers are mail servers, so they hold a lot of sensitive corporate information, including information about employees that could be exploited to mount spear-phishing attacks.
Microsoft encourages the use of antivirus software on Microsoft Exchange servers - if some directories, processes and file name extensions are excluded from the scanning.
"The biggest potential problem is a Windows antivirus program might lock or quarantine an open log file or database file that Exchange needs to modify. This can cause severe failures in Exchange Server, and it might also generate 1018 event log errors. Therefore, excluding these files from being scanned by the Windows antivirus program is very important," the company explains.
News URL
https://www.helpnetsecurity.com/2023/02/27/microsoft-exchange-antivirus-scanning/
Related news
- Microsoft slammed for lax security that led to China's cyber-raid on Exchange Online (source)
- Microsoft slammed for lax security that led to China's cyber-raid on Exchange Online (source)
- Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack (source)
- US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack (source)
- Microsoft will limit Exchange Online bulk emails to fight spam (source)
- Microsoft releases Exchange hotfixes for security update issues (source)