The Microsoft Exchange Server is an e-mail server developed exclusively for Windows OS users. It also offers collaboration functions like scheduling and calendaring.

One of the Exchange Server’s biggest draws is its high availability features. These features ensure that outages and server failures won’t disrupt server operations.

But while the Exchange Server sounds like a dream for users, it also has limitations. Microsoft warned against performing antivirus scans on some Exchange Server’s files, folders, and processes.

Why Exclude Files From Antivirus Scans?
Microsoft explained that scanning certain Exchange Server files and processes could cause
stability issues. A Windows antivirus program could lock an open database or log file that may cause severe Exchange Server failures.

The company also released a list of files, folders, and running processes that users should
exclude from their scans.

New Development: No More Scanning Restrictions on Some Exchange Server Files
Recently, Microsoft announced some good news. According to the company, users can now remove some files and processes from the no-scan list. Scanning some of these processes no longer affects the Exchange Server’s stability. Including these processes in your antivirus scans even has its benefits.

The files and processes that are no longer part of the exclusions are:

  • %SystemRoot%System32Inetsrv
  • %SystemRoot%Microsoft.NETFramework64v4.0.30319Temporary ASP.NET Files
  • %SystemRoot%System32inetsrvw3wp.exe
  • %SystemRoot%System32WindowsPowerShellv1.0PowerShell.exe

The Exchange team has confirmed that using Microsoft Defender to scan these files does not affect the server’s performance. But the team advised IT and systems admins to still be vigilant. Admins should monitor their servers and inspect their files after the scans.

The Benefits of Removing Restrictions
Exchange Servers have become a popular hacking and cybercrime target in recent years because they are vulnerable and unprotected. A global wave of data breaches and cyberattacks on Exchange Servers began in 2021. The culprit was a Chinese cyber espionage organization called Hafnium. Attacks by other cybercrime groups followed.

These malicious attacks affected businesses and organizations and compromised their data and sensitive information. In a worst-case scenario, this could lead to business operations getting paralyzed.

Being able to scan certain Exchange Server files and processes will help prevent further
cyberattacks. The particular files that are no longer included in the list are usually the ones that attackers target. They inject malware or deploy malicious modules through these files. So, it is a significant improvement for Exchange Server’s security.

Impact on Business Owners
Businesses and organizations using Exchange Servers will benefit from this new  development. Being able to scan some of the files and processes means less vulnerability for them. This, in turn, means more security for customers’ personal data and sensitive information.

Related Posts - TKS Blog

TKS Newsletter - 2024 December
Here's our December 2024 Newsletter Read the full PDF version here: The TKS Sentinel - December Issue In this month's edition, we discuss: Ransomware Threats PDF Hijacking ...
Read more
zero trust protections
Zero Trust Cybersecurity: Essential for Keeping Your Data Secure
As cyber threats become increasingly sophisticated, businesses can no longer rely solely on traditional methods to protect their data. Hackers are no longer trying to...
Read more
TKS Newsletter - 2024 November
Here's our November 2024 Newsletter Read the full PDF version here: The TKS Sentinel - November Issue In this month's edition, we discuss: Dark Web/Work Laptop ActiveX Controls ...
Read more
email security tips
Enhance Your Email Security in 6 Simple Steps
6 Simple Steps to Enhance Your Small Business Email Security Email is one of the most commonly used tools in business today—but it’s also a prime...
Read more

Used with permission from Article Aggregator