The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) issued an urgent warning of a vulnerability related to Microsoft Exchange on-premises products. A vulnerability in on-premises Exchange Servers will allow an attacker to gain “persistent system access and control of an enterprise network.” This vulnerability is currently not known to affect Microsoft 365 or Azure Cloud deployments.
Fire chiefs are urged to contact their IT departments -- without delay -- to ascertain their departments’ vulnerability. As many as 30,000 organizations across the United States, including local governments, may be vulnerable.
To learn more about this warning, please review the CISA Emergency Directive 21-02.