Article Details
Scrape Timestamp (UTC): 2024-03-28 07:51:19.676
Source: https://www.theregister.com/2024/03/28/germany_microsoft_exchange_patch/
Original Article Text
These 17,000 unpatched Microsoft Exchange servers are a ticking time bomb

One might say this is a wurst case scenario.

The German Federal Office for Information Security (BSI) has issued an urgent alert about the poor state of Microsoft Exchange Server patching in the country.

The government regulator says there are 17,000 or more Exchange Server instances in Germany vulnerable to at least one critical vulnerability, out of around 45,000 public-facing servers in the Euro nation running the software. Of these servers, 12 percent are running a version of Exchange Server that is ordinarily no longer supported, such as Exchange 2010 and 2013, and around a quarter are running Exchange 2016 and 2019 but without vital patches - meaning at least 37 percent are classed as "vulnerable."

"The fact that there are tens of thousands of vulnerable installations of such relevant software in Germany must not happen," warned Claudia Plattner, president of the BSI. "Companies, organizations and authorities unnecessarily endanger their IT systems and thus their added value, their services or their own and third-party data, which may be highly sensitive. Cybersecurity must finally be high on the agenda. There is an urgent need for action!"

The BSI is trying to get its citizens to patch early. Just last week Google-owned Mandiant warned that German politicians were under active attack from the Russian Cozy Bear crew, who operate under state sanction from Putin's regime.

Of particular concern is fixing CVE-2024-21410, an elevation-of-privilege vulnerability that Microsoft patched last month. According to German investigators, it's not clear whether as much as 48 percent or so of the country's Exchange servers have fixed up this hole yet, and Microsoft did warn it's a trickier-than-normal update to apply.

We're told the BSI is now emailing network providers on a daily basis reminding them to shore up any vulnerable system it detects.
It warns that criminals are already on the lookout to exploit these reported flaws and "schools and universities, clinics, doctors' practices, nursing services and other medical facilities, lawyers and tax advisors, local governments and many medium-sized companies are particularly affected."

"Most of the vulnerabilities are months old and security patches are available," a BSI spokesperson told The Register. "Even if administrators are not responsible for the quality of the software (Microsoft is), they must now act quickly and consistently."
Daily Brief Summary
The German Federal Office for Information Security (BSI) has issued an urgent warning concerning over 17,000 unpatched Microsoft Exchange Servers, constituting a significant cybersecurity risk.
Approximately 37 percent of Germany's public-facing Exchange servers are vulnerable to critical exploits due to outdated or unpatched software, including versions that are no longer supported.
The BSI emphasizes the importance of cybersecurity and the urgent need for action by organizations, citing potential threats to sensitive data and services if systems remain unpatched.
A recent example of a critical vulnerability that needs patching is CVE-2024-21410, an elevation-of-privilege flaw that Microsoft addressed last month, but many servers remain unpatched.
The BSI has started daily communications with network providers to encourage prompt remediation of any detected vulnerabilities.
There is an increased concern about exploitation by criminals and state-sanctioned groups, with essential services like medical facilities, schools, and government entities being at high risk.
The BSI urges administrators to act swiftly and apply available security patches to prevent potential cyber attacks, even though the quality of the software is the responsibility of Microsoft.