Microsoft Responds to Exchange Emergency Mitigation Service Feedback
Improvements to the Microsoft Exchange Emergency Mitigation service are under consideration, Microsoft's Exchange team announced on Friday.
Exchange Emergency Mitigation is a new security service for Exchange Server users that promises to automatically add stop-gap changes when active threats arise. The mitigation service had its debut on Sept. 28, arriving with Microsoft's release of its September cumulative updates for Exchange Server 2016 and 2019. However, the Exchange team is already responding to feedback on it, with possible changes to come.
First off, the team is considering adding a mechanism whereby a security update for Exchange Server will remove a mitigation that was automatically applied by the Exchange Emergency Mitigation service. Right now, organizations using the mitigation service have to remember to remove the mitigation after applying a security patch, which Microsoft admitted "creates a burden for the admin."
Second, Microsoft is looking into a reported issue where some users were getting false values when setting up mitigations at the organizational level. A command to enable it was described.
Lastly, Exchange Emergency Mitigation service users were wondering if they'd get notified when the service applies a mitigation. The Exchange team suggested that the Windows Event Log displays such information, and all details can be found there. However, the team is considering adding some sort of real-time alert for IT pros when mitigations are applied.
The team is just considering making those sorts of changes, with no promises or dates described.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.