More Information About Microsoft Exchange Vulnerability

Last week, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) issued an urgent warning of a vulnerability related to Microsoft Exchange on-premises products. A vulnerability in on-premises Exchange Servers will allow an attacker to gain “persistent system access and control of an enterprise network.” This vulnerability is currently not known to affect Microsoft 365 or Azure Cloud deployments. 

The IAFC recommends that fire chiefs discuss this vulnerability with their IT departments.  As many as 30,000 organizations across the United States may be affected by this vulnerability, including local governments. 

CISA recommends that all organizations using Microsoft Exchange on-premises products must:  

  • Check for signs of compromise; 

  • Immediately patch Microsoft Exchange with the vendor released patch; 

  • If unable to patch, remove the products from the network immediately; and  

  • Upgrade to the latest supported version of Microsoft Exchange.  

In addition, CISA strongly encourages partners to immediately disconnect any Microsoft Exchange systems suspected of being compromised.  

CISA has released an Emergency Directive about this issue and a supplemental guidance

This is a serious compromise to an onsite Microsoft Exchange server. CISA warns that, Exploitation of this vulnerability before patch installation permits an adversary to gain persistent access to and control of entire enterprise networks which is likely to persist even after patching.”  

 

Related News

Related
You are not logged in.