CISA orders agencies to fix Microsoft vulnerabilities abused by Chinese hackers

Agencies must patch or disconnect the vulnerable software

CISA has ordered US federal civilian agencies to tackle Microsoft flaws suspected to be involved in a Chinese spying campaign. Agencies must act by the end of the week. 

The order requires agencies to either apply security fixes for the Microsoft Exchange Server software’s vulnerabilities or disconnect the program until they can reconfigure it securely if the system is compromised.

The US agency's Emergency Directive 21-02, "Mitigate Microsoft Exchange On-Premises Product Vulnerabilities," was issued yesterday.

It said that its partners had “observed active exploitation of vulnerabilities in Microsoft Exchange on-premises products”.

"Successful exploitation of these vulnerabilities allows an attacker to access on-premises Exchange Servers, enabling them to gain persistent system access and control of an enterprise network," the agency said.

It added that the vulnerabilities present an "unacceptable risk to Federal Civilian Executive Branch agencies. 

Agencies will have to forensically triage artifacts using collection tools to collect system memory, system web logs, windows event logs, and all registry hives. If agencies find no indications of compromise, they must immediately apply Microsoft patches for Microsoft Exchange servers.

"This Emergency Directive remains in effect until all agencies operating Microsoft Exchange servers have applied the available patch or the Directive is terminated through other appropriate action," the agency added.

Microsoft’s disclosure of significant Exchange Server software vulnerabilities brings to the fore certain challenges and themes seen simmering under the surface for a long time in national cyber security.

Steve Forbes, government cyber security expert at Nominet said there’s a tendency to treat cyber security issues between the private and public sectors as separate siloes. 

“However, these vulnerabilities demonstrate how flawed that view is. Not only are governments susceptible to software vulnerabilities like any business, but they also face the debate of how extensively to use cloud providers. While historically there has been a perception that it is more secure and robust to run your own infrastructure, this is a good example of where the opposite is true,” Forbes said.

Forbes said CISA’s directive is the latest in a series of increasingly regular emergency directives the agency has issued since its establishment two years ago. 

“Vulnerabilities like these demonstrate the necessity for these coordinated national protective measures to efficiently and effectively mitigate the effects of attacks that could have major national security implications,” he said.

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

Most Americans want to regulate big tech
Policy & legislation

Most Americans want to regulate big tech

29 Jul 2021
President Biden urges critical companies to boost cyber defenses
IT infrastructure

President Biden urges critical companies to boost cyber defenses

28 Jul 2021
Federal court extends FTC deadline in its Facebook antitrust case
Policy & legislation

Federal court extends FTC deadline in its Facebook antitrust case

26 Jul 2021
Senator wants social media companies held liable for spreading anti-vax lies
social media

Senator wants social media companies held liable for spreading anti-vax lies

23 Jul 2021

Most Popular

Salesforce's $28bn Slack acquisition: What's next for workplace collaboration?
collaboration

Salesforce's $28bn Slack acquisition: What's next for workplace collaboration?

22 Jul 2021
UK gun owners urged to be ‘vigilant’ after Guntrader data breach
data breaches

UK gun owners urged to be ‘vigilant’ after Guntrader data breach

23 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021