CISA also identified Microsoft Exchange servers still in operation and hosted by (or on behalf of) federal agencies that require additional hardening," CISA says in the supplement.ĬISA also issued hardening instructions for Exchange servers including applying software updates, ensuring that only a supported version of Exchange is being used, and to review permissions and roles. "Since the original issuance of ED 21-02, Microsoft has developed new tools and techniques to aid organizations in investigating whether their Microsoft Exchange servers have been compromised. They need to be followed even if all steps in the earlier directive were completed. The new CISA orders are aimed at ensuring agencies use newly developed Microsoft tools to identify any compromises that remain undetected. SEE: Network security policy (TechRepublic Premium) Exploitation of these vulnerabilities allows an attacker to access on-premises Exchange Servers, enabling them to gain persistent system access and control of an enterprise network. The move follows the discovery of software flaws in on-premise versions of Microsoft Exchange Server being exploited by attackers.
CISA to agencies: Patch now, or disconnect servers
0 kommentar(er)
