Microsoft is advising Exchange Server administrators to remove some of the endpoint antivirus exclusions that the company’s own documentation recommended in the past. The rules are no longer needed for server stability and their presence could prevent the detection of backdoors deployed by attackers.
“Times have changed, and so has the cybersecurity landscape,” the Exchange Server team said in a blog post. “We’ve found that some existing exclusions — namely the Temporary ASP.NET Files and Inetsrv folders, and the PowerShell and w3wp processes — are no longer needed, and that it would be much better to scan these files and folders. Keeping these exclusions may prevent detections of IIS webshells and backdoor modules, which represent the most common security issues.”
To read this article in full, please click here
More Stories
NVIDIA Container Toolkit Vulnerability Exposes AI Systems to Risk
The vulnerability, discovered by Wiz researchers, affects both cloud-based and on-premises AI applications using the toolkit Read More
Critical RCE Vulnerabilities Found in Common Unix Printing System
The newly identified vulnerabilities exploit improper input validation when managing printer requests over the network Read More
US State CISOs Struggling with Insufficient Cybersecurity Funding
A Deloitte and NASCIO survey found that a third of state CISOs do not have a dedicated cybersecurity budget Read...
British man used genealogy websites to fuel alleged hacking and insider trading scheme
A London-based man is facing extradition to the United States after allegedly masterminding a scheme to hack public companies prior...
AI and the 2024 US Elections
For years now, AI has undermined the public’s ability to trust what it sees, hears, and reads. The Republican National...
Cyber-Attacks Hit Over a Third of English Schools
A survey by Ofqual found that 20% of English schools and colleges were unable to immediately recover after being hit...