[Tech-l] Urgent message from White House

Thu Mar 11 07:16:55 EST 2021

Good morning,
I’ve been asked to share the message below with MVECA client organizations in order to help stress the need for action in addressing the recently discovered Microsoft vulnerabilities in various products.  If you haven’t already done so, please review and assess your various Microsoft deployments and apply all patches and updates needed to ensure a safe computing environment.
As always, don’t hesitate to reach out to us if you need assistance or have questions.
Thank you,
Thor

Thor Sage
Executive Director
Miami Valley Educational Computer Association
937-767-1468  x3101
[http://www.mveca.org/images/logo.gif]<http://www.mveca.org/>       [i] <https://www.linkedin.com/company/mveca/> [t] <https://twitter.com/mvecarcog> [f] <https://www.facebook.com/MVECA-707401659416692/>
Not-for-profit Technology Services for Education and Local Governments

-----------------------------------------

Good afternoon,

The White House Cybersecurity leadership asked us to share the message below widely:

The Microsoft Exchange Server vulnerability is a significant threat that is poised to grow exponentially. When this happens, it will disproportionately hit state, local, and tribal governments; small and medium sized businesses; and school systems and academic institutions.  As bad as it may seem now, the attacks are still limited to a small set of bad actors.  That is about to change, because now that the patch is out, criminals and other actors will soon be able to copy the attack and will almost certainly use it to deploy ransomware and other destructive attacks on a massive scale.  We have a very short window – measured in days, not weeks – to get every vulnerable organization to protect their servers. Organizations also need to look to see if they’re already compromised – patching will protect you against future attacks but won’t kick out an attacker who is already on your system.  Anything you can do to encourage your state and local governments, your businesses, and your academic institutions to act now will be a service to  your constituents.  Every server that is patched is one less target for the criminals.

Below are some resources from Microsoft and the US Government to help you.  These are being regularly updated so please check back often.

     *   CVE-2021-27065 - Security Update Guide - Microsoft - Microsoft Exchange Server Remote Code Execution Vulnerability<https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmsrc-blog.microsoft.com%2F2021%2F03%2F02%2Fmultiple-security-updates-released-for-exchange-server%2F&data=04%7C01%7Cmichael.carmack%40education.ohio.gov%7C9c7906ab23bf45e5e15e08d8e34fcf33%7C50f8fcc494d84f0784eb36ed57c7c8a2%7C0%7C0%7C637509279223121286%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=f6oz3Cv4YUzWw8yFrS2aCBhRsXHCXD5Qv%2BWBhq96MHI%3D&reserved=0>
     *   Multiple Security Updates Released for Exchange Server – updated March 8, 2021 – Microsoft Security Response Center<https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmsrc.microsoft.com%2Fupdate-guide%2Fvulnerability%2FCVE-2021-27065&data=04%7C01%7Cmichael.carmack%40education.ohio.gov%7C9c7906ab23bf45e5e15e08d8e34fcf33%7C50f8fcc494d84f0784eb36ed57c7c8a2%7C0%7C0%7C637509279223121286%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Szn9yfMlnrASLLcvDEiPb85LIIyALkNRrwTkkLMb4xE%3D&reserved=0>
     *   HAFNIUM targeting Exchange Servers with 0-day exploits - Microsoft Security<https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.microsoft.com%2Fsecurity%2Fblog%2F2021%2F03%2F02%2Fhafnium-targeting-exchange-servers%2F%23scan-log&data=04%7C01%7Cmichael.carmack%40education.ohio.gov%7C9c7906ab23bf45e5e15e08d8e34fcf33%7C50f8fcc494d84f0784eb36ed57c7c8a2%7C0%7C0%7C637509279223131241%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Peaza3HCfKAhfw3OTthTDJGQiJc6YZIY3YerXiqhaiM%3D&reserved=0>
     *   Remediating Microsoft Exchange Vulnerabilities | CISA<https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fus-cert.cisa.gov%2Fremediating-microsoft-exchange-vulnerabilities&data=04%7C01%7Cmichael.carmack%40education.ohio.gov%7C9c7906ab23bf45e5e15e08d8e34fcf33%7C50f8fcc494d84f0784eb36ed57c7c8a2%7C0%7C0%7C637509279223131241%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=vczGQr7AtGdwHmVres4ggpYYHt27iaBdDaLKXrKirHs%3D&reserved=0>
     *   Detect and Prevent Web Shell Malware<https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmedia.defense.gov%2F2020%2FJun%2F09%2F2002313081%2F-1%2F-1%2F0%2FCSI-DETECT-AND-PREVENT-WEB-SHELL-MALWARE-20200422.PDF&data=04%7C01%7Cmichael.carmack%40education.ohio.gov%7C9c7906ab23bf45e5e15e08d8e34fcf33%7C50f8fcc494d84f0784eb36ed57c7c8a2%7C0%7C0%7C637509279223141201%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=0k%2BnmTS1t8JAjaRrx6kQebGAAB1Hy2GBuATinyaHmj4%3D&reserved=0>
     *   Mitigate Microsoft Exchange On-Premises Product Vulnerabilities | CISA<https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cisa.gov%2Fed2102&data=04%7C01%7Cmichael.carmack%40education.ohio.gov%7C9c7906ab23bf45e5e15e08d8e34fcf33%7C50f8fcc494d84f0784eb36ed57c7c8a2%7C0%7C0%7C637509279223141201%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=6AIzkd49rZG4YmVuM9sU1s5bJU%2FvjZ5G2S7Ac56D6%2FE%3D&reserved=0>

Best,

White House IGA Office

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listserv.mveca.org/pipermail/tech-l/attachments/20210311/195ffc0f/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 3184 bytes
Desc: image002.jpg
URL: <http://listserv.mveca.org/pipermail/tech-l/attachments/20210311/195ffc0f/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.jpg
Type: image/jpeg
Size: 1229 bytes
Desc: image003.jpg
URL: <http://listserv.mveca.org/pipermail/tech-l/attachments/20210311/195ffc0f/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.jpg
Type: image/jpeg
Size: 1197 bytes
Desc: image004.jpg
URL: <http://listserv.mveca.org/pipermail/tech-l/attachments/20210311/195ffc0f/attachment-0002.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.jpg
Type: image/jpeg
Size: 1194 bytes
Desc: image005.jpg
URL: <http://listserv.mveca.org/pipermail/tech-l/attachments/20210311/195ffc0f/attachment-0003.jpg>