CISA orders all Federal Civilian agencies to update or disconnect on-prem Microsoft Exchange products

“The Cybersecurity and Infrastructure Security Agency issued an emergency directive on Wednesday requiring all federal civilian agencies to update or disconnect Microsoft Exchange products running on-premises citing an ‘unacceptable risk’ posed by newly discovered vulnerabilities reportedly being weaponized by a threat group with links to China.

‘The swiftness with which CISA issued this emergency directive reflects the seriousness of this vulnerability and the importance of all organizations – in government and the private sector – to take steps to remediate it,’ said acting CISA Director Brandon Wales.

The directive adds that the vulnerabilities are not known to affect Microsoft 365 or Azure Cloud.

‘Successful exploitation of these vulnerabilities allows an attacker to access on-premises Exchange Servers, enabling them to gain persistent system access and control of an enterprise network,’ according to CISA.

All agency chief information officers are required to submit a report to CISA by noon this Friday outlining their organization’s status. The cybersecurity agency will provide a follow-up report to the secretary of Homeland Security and the Office of Management and Budget by April 5…” Read the full article here.

Source: CISA orders agencies to disconnect and Microsoft Exchange on-prem servers – By Justin Katz, March 3, 2021. FCW.

0
Tags:

This topic contains 0 replies, has 1 voice, and was last updated by  Jackie Gilbert 1 month, 1 week ago.

  • Author
    Posts
  • #120947

    Replies viewable by members only

    0

You must be logged in to reply to this topic.

CONTACT US

Questions?. Send us an email and we'll get back to you, asap.

Sending

©2021 MileMarker10, LLC all rights reserved | Community and Member Guidelines | Privacy Policy | About G2Xchange FedCiv

Opportunities. Starting Points.

About our Data

The Vault is a listing of expiring contracts, task orders, etc. within a certain set of parameters, to include:

  • Have an initial total estimated contract value of $10 million or above
  • Federal Civilian Only – DHS, Transportation, Justice, Labor, Interior, Commerce, Energy, State, and Treasury Actions
  • NAICS codes include: 511210, 518210, 519130, 519190, 541511,
    541512, 
    541513, 541519, 541611, 541618,
    541690, 541720, 541990
  • Were modified within the last 12 calendar months
  • The data represented is based on information provided by the government

Who has access? Please note that ALL G2Xchange FedCiv Members will receive access to all basic and much of the advanced data. G2Xchange FedCiv Corporate Members will receive access to ALL Vault content (basic and advanced).

Feedback/Suggestions? Contact us at Vault@G2Xchange.com and let us know what you think. 

G2Xchange FedCiv

Log in with your credentials for G2Xchange FedCiv

Forgot your details?