The Department of Homeland Security (DHS) has issued Emergency Directive 21-02, warning of the recent vulnerabilities discovered in Microsoft’s Exchange server. According to the Cybersecurity & Infrastructure Security Agency (CISA), the potential exploitation of these newly discovered vulnerabilities poses “an unacceptable risk to Federal Civilian Executive Branch agencies and requires emergency action.” Currently, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065 are related to known exploitation of Microsoft Exchange. The DHS directive goes on to say Microsoft also relates CVE-2021-26412, CVE-2021-26854 and CVE-2021-27078, though these are not yet known to be exploited in the wild. By issuing an emergency directive, the DHS is requiring all federal agencies to either hunt for signs of compromise and patch or disconnect all Exchange instances and wait for further orders.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in