If you are still running and patching an on-premises Exchange server, you need to opt into a major protection that Microsoft is rolling out to its customers. Microsoft has rolled out a new feature called Microsoft Exchange Emergency Mitigation (EM) service. It is included in the September 2021 Cumulative Update and is not a replacement for patching. Rather, it provides better protections for on-premises Exchange servers.
The recent zero-day attacks on Exchange showed that many firms weren’t up to date in patching and Microsoft realized that many were behind in updating. Microsoft quickly released an Exchange On-premises Mitigation Tool (EOMT) along with automatic mitigation included in Microsoft Defender Antivirus and System Center endpoint protection. As they noted, “The EOMT is a one-click tool that applies interim mitigations to an Exchange server to proactively minimize vulnerable attack surfaces until the admin can install an available SU. This was our recommended approach for Exchange deployments with internet access and for those who needed to quickly mitigate their risk while they prepared to update their servers.”