Avast WEBforum

Business Products => Avast Business => Topic started by: kel2 on March 17, 2021, 04:50:07 PM

Title: Exchange exploitation - hafnium
Post by: kel2 on March 17, 2021, 04:50:07 PM: Anyone know if Avast detected / prevented this use of this exploit .

The blog from Avast seems to suggest we are on our own with this ?

Malware bytes seems to be saying servers protected by there products would have detected / prevented this attack.

I have a paid subscription to Avast business and seems only time I am contacted is when subscription is due. Think an email out to all business customers about this would have been a good thing to do.

Kel
Title: Re: Exchange exploitation - hafnium
Post by: polonus on March 22, 2021, 01:43:41 AM: Hi kel2,

Microsoft has patched for this exploit, so patch, and also has a scan tool for hafnium:
https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download
Also read here: https://techcommunity.microsoft.com/t5/exchange/hafnium-removal-of-changes/m-p/2191383

Read what avast has to say on their blog: https://blog.avast.com/avast-reaches-out-to-ursnif-malware-victims

polonus

SMF 2.0.18 | SMF © 2015, Simple Machines