Microsoft is planning to make changes to MAPP, its threat and vulnerability sharing program, after suspecting it to be the source of the Exchange Server hacks. Under the program, several security companies share vulnerability information through Microsoft so that they can build defensive patches into their updates. The aim is to protect users before hackers find those vulnerabilities and exploit them.

Microsoft Blaming Itself For Exchange Server Hack!

Microsoft May Revise its MAPP Policies After Suspecting it as the Root Cause For Exchange Servers Hack

All software is prone to hacks. It may turn out to have vulnerabilities now or later, which an adversary can exploit for their own gain. While these cyber attacks continue to grow, it's the job of users and security software providers (such as antivirus vendors) to stay cautious and ahead of the hackers.

Thus, for the community's good, Microsoft launched a threat and vulnerability sharing program called the "Microsoft Active Protections Program" (MAPP). This consortium includes various security software providers and other related partners who can share newly discovered vulnerabilities in globally used systems.

Because they have early access, partners can start developing remedial measures for their own software and keep their users from falling victim. While this is for a good cause, Microsoft thinks this program was the root cause of the widespread Exchange Server hacks that happened in the previous quarter.

Microsoft suspects some of the program's partners may have shared the Exchange Server vulnerabilities with threat actors, which eventually let them exploit the vulnerabilities and hack servers. Patches for them have already been made available. The suspicion arose after similarities were found between the proof-of-concept code Microsoft shared with its MAPP partners and the exploit code used by the hackers.

Thus, it is now considering changes to the MAPP program. These could include revising the partners' tiers, changing what they can access and how, and introducing code-based 'watermarks' in proof-of-concept code to help trace its distribution in any potential future attacks.