DIR Urges Patch for Microsoft Exchange Server Vulnerabilities

Mar 04 2021

AUSTIN- The Texas Department of information Resources (DIR) is urging users of on-premise Microsoft Exchange Servers 2013, 2016 and 2019 to take immediate action to protect against attackers exploiting vulnerabilities in those versions.

​Attackers that successfully exploit the most severe of these vulnerabilities could execute arbitrary code in the mail server and potentially view, change, or delete data, according to the Multi-State Information Sharing and Analysis Center.   Microsoft is attributing the attacks to HAFNIUM, a Chinese state-sponsored group.

DIR recommends that security teams assess whether or not the vulnerabilities are being exploited by using the Indicators of Compromise, which can be found at https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/.

"Anyone using on-premise Microsoft Exchange Servers 2013, 2016 or 2019 should immediately apply the patches that Microsoft has released to protect against this attack," Texas' Chief Information Security Officer Nancy Rainosek said. "The Office of the Chief Information Security Officer (OCISO) and DIR will continue to provide information through the Texas Information Sharing and Analysis Organization (ISAO) and are working with federal and state partners to assess the situation as it develops. "

Return to Hot Topics