The U.S. government ordered federal agencies on Wednesday to update Microsoft products that were recently discovered to contain vulnerabilities being exploited by suspected Chinese state hackers.
The U.S. Cybersecurity and Infrastructure Security Agency, or CISA, instructed federal civilian departments and agencies to update any versions they have of the vulnerable Microsoft Exchange Server products.
Government agencies and departments that are unable to immediately patch the Microsoft products should disconnect them from their network until the updates can be properly applied, CISA said.
“This Emergency Directive will help us secure federal networks against the immediate threat while CISA works with its interagency partners to better understand the malicious actor’s techniques and motivations to share with our stakeholders,” said acting CISA Director Brandon Wales.
“The swiftness with which CISA issued this Emergency Directive reflects the seriousness of this vulnerability and the importance of all organizations — in government and the private sector — to take steps to remediate it,” Mr. Wales added.
Microsoft said Tuesday it recently found a new, state-sponsored threat actor operating out of China, called Hafnium, that has been exploiting the previously unknown Microsoft Exchange vulnerabilities.
Tom Burton, a corporate vice president fro Microsoft, said the attacked “enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments.”
Hafnium has targeted a variety of entities ranging from infectious disease researchers and law firms to defense contractors and NGOs, Mr. Burt wrote in a blog post Tuesday.