Microsoft tells Exchange admins to revert previously recommended antivirus exclusions
Tags
attack-pattern: Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 5ac700e7-1be7-4b56-ae98-a402aa5f1090
Fingerprint b7689a43eaf21c7f
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 24, 2023, midnight
Added to db Feb. 24, 2023, 10:22 p.m.
Last updated Nov. 18, 2024, 1:24 p.m.
Headline Microsoft tells Exchange admins to revert previously recommended antivirus exclusions
Title Microsoft tells Exchange admins to revert previously recommended antivirus exclusions
Detected Hints/Tags/Attributes 33/1/5
Source URLs
Redirection Url
Details Source https://www.csoonline.com/article/3689249/microsoft-tells-exchange-admins-to-revert-previously-recommended-antivirus-exclusions.html#tk.rss_news
URL Provider
Details Provider Source level domain
Details csoonline.com www.csoonline.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 162 https://media.cert.europa.eu/rss?type=category&id=APTFilter&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 398 
asp.net
Details Domain 285 
microsoft.net
Details File 1212 
powershell.exe
Details File 2 
%systemroot%\system32\inetsrv\w3wp.exe
Details File 128 
w3wp.exe