Microsoft tells Exchange admins to revert previously recommended antivirus exclusions

Read Time:39 Second

Microsoft is advising Exchange Server administrators to remove some of the endpoint antivirus exclusions that the company’s own documentation recommended in the past. The rules are no longer needed for server stability and their presence could prevent the detection of backdoors deployed by attackers.

“Times have changed, and so has the cybersecurity landscape,” the Exchange Server team said in a blog post. “We’ve found that some existing exclusions — namely the Temporary ASP.NET Files and Inetsrv folders, and the PowerShell and w3wp processes — are no longer needed, and that it would be much better to scan these files and folders. Keeping these exclusions may prevent detections of IIS webshells and backdoor modules, which represent the most common security issues.”

To read this article in full, please click here

NVD Revamps Operations as Vulnerability Reporting Surges

Friday Squid Blogging: Squid and Efficient Solar Tech

Google Cloud: Top 5 Priorities for Cybersecurity Leaders Today

AI Vulnerability Finding

Ransomware reaches a record high, but payouts are dwindling

Cyble Urges Critical Vulnerability Fixes Affecting Industrial Systems

Reimagining Democracy

China-based SMS Phishing Triad Pivots to Banks

Google Cloud: China Achieves “Cyber Superpower” Status