Politics & Government
City Of Greenbelt: Greenbelt IT Addresses Microsoft Exchange Vulnerability
This vulnerability is on Microsoft Exchange servers located on-premises. It is not known to affect Microsoft Office 365 users.
03/15/2021 5:22 PM
Exchange Vulnerability
Find out what's happening in Greenbeltfor free with the latest updates from Patch.
Summary
On March 3, the Department of Homeland Security’s Cyber Infrastructure & Security Agency (CISA) issued an alert for a vulnerability in on premises Microsoft Exchange Servers. Exploitation of these vulnerabilities allows an attacker to access on-premises Exchange Servers, enabling them to gain persistent system access and control of an enterprise network.
Find out what's happening in Greenbeltfor free with the latest updates from Patch.
What it is / what is affected
This vulnerability is on Microsoft Exchange servers located on-premises. It is not known to affect Microsoft Office 365 users. An attacker that gains access through this vulnerability, can gain access to servers across the network. This potentially would allow an attacker to export sensitive data without being noticed. This vulnerability is currently being exploited in government and corporate networks worldwide. Nearly all of these attacks appear to be from foreign origins.
Why the City is not affected
The City uses Microsoft Office 365 for email. This environment is not currently known to be affected by this vulnerability. The City will continue to monitor this issue as well as our email environment.
More information can be found here. https://us-cert.cisa.gov/ncas/current-activity/2021/03/03/cisa-issues-emergency-directive-and-alert-microsoft-exchange
This press release was produced by the City of Greenbelt. The views expressed here are the author’s own.