08.03.2021
The German Federal Office for Information Security (BSI) also points out the vulnerabilities in MS Exchange and classifies the IT threat situation as extremely critical (= highest level 4/red); for the first time since 2014. There is therefore an urgent need for action, because the as yet undiscovered flaw in MS Exchange can lead to hackers and data thieves gaining access to a company's mails from outside and thus also being able to penetrate deeper into the system. Another gap allows malicious code to be installed on the affected computers. Attackers can also write their data to the servers in order to carry out attacks on other systems from there. According to the BSI, there have already been attacks in which emails were accessed and malware was installed.
Microsoft provides a patch that closes critical gaps in Exchange Server 2019, 2016, 2013 and 2010 and calls on users to update externally accessible Exchange Servers immediately. Since affected computers may still be potentially infiltrated even after the patch, it is important to track and recognise the possible attack paths. You can find information from Microsoft here.
Do you have questions about the security gap and need further information or short-term support? Don't hesitate, contact our experts directly now and let us check how threatened your company is.
TSO-DATA
Marvin Hitzfeld
it-infrastruktur[at]tso[dot]de
+49 (541) 1395-94