CISA gives federal agencies until Friday to patch Exchange servers
By
05:59 PM
The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday.
These Exchange vulnerabilities are capable of remote code execution, with two vulnerabilities not requiring attackers to authenticate first.
While none of the vulnerabilities are known to be used in attacks, CISA believes that threat actors will reverse engineer the patches to create working exploits due to their severity and public disclosure.
While none of these vulnerabilities are known to be used in attacks, due to their severity and public disclosure, CISA believes that threat actors will reverse engineer the patches to create working exploits.