Microsoft released a one-click mitigation tool for the Hafnium Exchange Server vulnerabilities that the company hopes will help organizations struggling to update.
“We realized that there was a need for a simple, easy to use, automated solution that would meet the needs of customers using both current and out-of-support versions of on-premises Exchange Server,” Microsoft Security Response Center said in a blog post announcing the tool.
RiskIQ reported that 69,548 servers still had not applied the patch as of Sunday evening, despite calls to patch from Microsoft and the Cybersecurity and Infrastructure Security Agency, and unanimous agreement among experts. That number is down from 400,000 on March 2, the day Microsoft first released the patch.
Microsoft hopes the new tool will aid organizations that lack IT teams and anyone else who has so far been reluctant to apply the patch.
The four patched vulnerabilities have been exploited by several actors. Microsoft first identified a new state-sponsored group operating out of China, which it dubbed Hafnium, but several other groups, including criminal groups, have been discovered targeting unpatched servers.