Microsoft Bolsters Defender to Fend Off Log4j Vulnerability Attacks

Microsoft has equipped its Defender tools for Containers and Microsoft 365 with new capabilities to identify and remediate the vulnerabilities stemming from the Apache Log4j flaw.

Microsoft’s Defender for Containers has been available since December 9, and it merges the capabilities of Defender for Kubernetes and Defender for Container Registries.

It also brought new additions, including advanced threat detection and vulnerability assessment. The improved Defender also supports Kubernetes-native deployment.

Last week, Microsoft announced that Defender for Containers can spot containers left vulnerable by the widely used Log4j software component. In addition, the revamped Defender for Containers can detect the three vulnerabilities associated with Log4j.

These vulnerabilities were patched after they came to light through the report, which disclosed the remote code execution flaw in Log4j on December 9.



The New Capabilities for Containers

Containers are scanned for potential vulnerabilities when they are uploaded to Azure Container Registry. The scanning also applies when containers are accessed from the Azure registry or when they are deployed.

This scanning capability, which pinpoints the vulnerabilities of containers deployed on the Kubernetes cluster, was made possible by technology provided by Qualys.

“We will continue to follow up on any additional developments and will update our detection capabilities if any additional vulnerabilities are reported,” the Microsoft team stated in a post.

Defender for Containers also supports every Kubernetes cluster certified by the Cloud Native Computing Foundation. Additionally, it protects the Azure Kubernetes Service (AKS), AKS on Azure Stack HCI, AKS Engine, Azure Red Hat offerings, and Amazon Elastic Kubernetes Service (EKS), among others.



Improved Defender for Microsoft 365

Microsoft gave Microsoft 365 Defender a facelift by adding a consolidated dashboard that lets users manage the detected threats and vulnerabilities caused by Log4j. According to Microsoft's threat intelligence team, the new dashboard will help customers spot and fix the data sections left vulnerable by Log4j.

Microsoft also released a new schema for Microsoft 365 Defender, “which surfaces file-level findings from the disk and provides the ability to correlate them with additional context in advanced hunting.” The revamped Defender will support Windows Server and Linux. Linux customers will need to update their Defender for Endpoint Linux client to 101.52.57 or a later version.

“These new capabilities integrate with the existing threat and vulnerability management experience and are gradually rolling out,” Microsoft’s threat intelligence team stated. The new capabilities can also uncover vulnerabilities in installed application Common Platform Enumerations (CPEs) that are affected by the Log4j remote code execution and Log4j Java Archive (JAR) flaws.

Microsoft 365 for macOS to be Buttressed by Defender

Microsoft will also add support for Microsoft 365 Defender installed on macOS. The IT giant said the support features “will roll out soon.” Like the other versions of Defender, these new capabilities will protect the Microsoft 365 suite on macOS from Log4j vulnerabilities. It also blocks the vulnerabilities introduced by Log4Shell by working together with other Microsoft offerings, ranging from Microsoft Sentinel to Azure Firewall Premium.



Log4Shell has been exploited for ransomware attacks, credential theft, crypto mining, and data exfiltration. As Microsoft caters to 650,000 security customers, the American organization has gone out of its way to improve its security solutions.

The Windows OS manufacturer previously observed unlawful activity using the Log4j flaws and expected these attackers to use the vulnerabilities for ransomware attacks later. The IT giant predicts that ransomware attacks against Windows and Linux infrastructure will likely increase due to these Log4j vulnerabilities.
