Microsoft has released a special application that helps to eliminate ProxyLogon vulnerabilities affecting Microsoft Exchange servers. This software is perfect as a temporary solution for those who, for some reason, are not yet able to install the released patches.

The tool is named EOMT (Exchange On-premises Mitigation Tool), it is written in PowerShell and is available for download from the official Microsoft GitHub account.

According to corporation from Redmond, EOMT is designed to help companies that do not have dedicated security or IT teams. With the help of the new tool, such organizations will be able to at least partially protect themselves from ProxyLogon exploits.

Microsoft is urging employees at affected companies to download EOMT and run the PowerShell script EOMT.ps1. The script will install the URL Rewrite configuration on the server, which will be enough to fix the CVE-2021-26855 bug.

What's more, EOMT also includes a copy of the Microsoft Safety Scanner application, which is designed to scan the Exchange server and known web shells that were previously used in cyberattacks.

If Microsoft Safety Scanner detects a shell, the scanner will immediately remove the backdoor and block the attacker remote access.

Source: anti-malware.ru