Quote:Hot on the heels of Microsoft’s announcement about active cyber-espionage campaigns that are exploiting four serious security vulnerabilities in Microsoft Exchange Server, the U.S. government is mandating patching for the issues.
The news comes as security firms report escalating numbers of related campaigns led by sophisticated adversaries against a range of high-value targets, especially in the U.S.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive, warning that its partners have observed active exploitation of the bugs in Microsoft Exchange on-premises products, which allow attackers to have “persistent system access and control of an enterprise network.”
“CISA has determined that this exploitation of Microsoft Exchange on-premises products poses an unacceptable risk to Federal Civilian Executive Branch agencies and requires emergency action,” reads the March 3 alert.
“This determination is based on the current exploitation of these vulnerabilities in the wild, the likelihood of the vulnerabilities being exploited, the prevalence of the affected software in the federal enterprise, the high potential for a compromise of agency information systems and the potential impact of a successful compromise.”
Earlier this week Microsoft said that it had spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange Server, spurring it to release out-of-band patches.
The exploited bugs are being tracked as CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065. When chained together, they allow remote authentication bypass and remote code execution. Adversaries have been able to access email accounts, steal a raft of data and drop malware on target machines for long-term remote access, according to the computing giant.
Read more: https://threatpost.com/cisa-federal-agen...rs/164499/
![[-]](https://www.geeks.fyi/images/collapse.png)
