BSI renews warning: Thousands of Exchange servers vulnerable
The Federal Office for Information Security (BSI) is again warning of security gaps in Microsoft Exchange Servers. Despite previous warnings, thousands of servers remain unpatched and vulnerable to cyberattacks. What is behind this ongoing problem?
Alarming downtime on Exchange servers
The Federal Office for Information Security (BSI) is sounding the alarm again: Thousands of Microsoft Exchange servers in Germany continue to have critical security gaps (via Günter Born). This worrying situation exists despite repeated warnings and the availability of security updates. The CERT-Bund, the BSI’s computer emergency unit, has published current figures that underline the urgency of the situation.
According to CERT-Bund, around 12,000 Microsoft Exchange Servers 2016 and 2019 can be accessed via the Internet with open Outlook Web Access (OWA), but do not have the latest security levels. This corresponds to around 28 percent of all Exchange servers of these versions in Germany. What is particularly alarming is that for around 6,500 systems, or 15 percent, the last security patch was installed over a year ago.
Critical security vulnerability
Two particularly critical vulnerabilities are the focus of the BSI warning. The vulnerability, known as CVE-2024-26198, allows an unauthenticated attacker to execute remote code. Microsoft has given this vulnerability a high risk score of 8.8. A patch to fix this was already released in March 2024.
Another serious vulnerability, CVE-2023-36439, allows authenticated attackers to gain extensive system privileges. This vulnerability was closed by Microsoft in November 2023. The fact that many servers are still vulnerable to these older vulnerabilities clearly shows how careless many organizations are with their IT systems.
Reasons for lack of patch discipline
The question that arises: Why are these critical updates not installed even though they are available for free? Experts suspect various reasons:
- Lack of resources: Many IT departments are understaffed and do not have the capacity for regular maintenance.
- Complexity: Updates can cause compatibility issues in complex environments.
- Lack of prioritization: Cybersecurity is often not perceived as business-critical.
- Outdated systems: Older versions of Exchange may no longer be updateable.
The consequences of this negligence can be serious. Unprotected Exchange servers are a popular target for cybercriminals, who can exploit these vulnerabilities to steal sensitive data or launch ransomware attacks.
BSI recommendation for action
The BSI is urging companies and organizations to update their Exchange servers immediately. The following steps are recommended:
- Instant installation of all available security updates
- Regularly check patch status
- Implement additional security measures such as two-factor authentication
- Consider migrating to cloud-based solutions for better maintainability
Digital marketing enthusiast and industry professional in Digital technologies, Technology News, Mobile phones, software, gadgets with vast experience in the tech industry, I have a keen interest in technology, News breaking.
