Saturday, July 13, 2024

17,000+ Microsoft Exchange Servers Vulnerable to Multiple Critical Vulnerabilities

Federal Office for Information Security (BSI) in Germany has announced that at least 17,000 Microsoft Exchange servers across the country are exposed to one or more critical vulnerabilities.

This figure only scratches the surface, as several servers remain unaccounted for, potentially harboring similar risks.

The BSI’s findings underscore a pressing cybersecurity crisis, urging immediate action from server operators.

BSI LogoClaudia Plattner, President of the BSI, expressed grave concerns over the widespread vulnerability of such crucial infrastructure.

“The presence of tens of thousands of vulnerable installations of such relevant software in Germany is unacceptable,” Plattner stated.

She emphasized the dire consequences of neglecting cybersecurity, including jeopardized IT systems, services, and sensitive data.

Plattner’s call to action is clear: cybersecurity must be at the top of the agendas for companies, organizations, and authorities.

CVE-2024-21410: A Closer Look

For nearly half of the Exchange servers, the vulnerability status concerning the critical vulnerability CVE-2024-21410 remains uncertain.

These systems are at risk unless operators have enabled extended protection since August 2022 or implemented alternative security measures.

The responsibility to assess and mitigate this vulnerability lies squarely with the server operators.

The BSI also highlighted another vulnerability in Microsoft Exchange that was recently addressed by security updates.

Failure to install these updates exacerbates the threat landscape. To combat this, the BSI’s CERT Association has been proactively informing network operators in Germany about vulnerable Exchange servers within their networks through daily, automated emails.

The Scope of Vulnerability

The BSI’s study reveals a concerning landscape: approximately 45,000 Microsoft Exchange servers in Germany are accessible online without restrictions.

About 12% operate on outdated versions that no longer receive security updates.

Furthermore, 25% of all servers run on current Exchange 2016 and 2019 versions but are behind on patch updates, leaving them susceptible to multiple critical vulnerabilities.

At least 37% of all Microsoft Exchange servers accessible from the Internet in Germany are vulnerable.

Impact on Various Sectors

The vulnerabilities have far-reaching implications, particularly affecting schools, universities, medical facilities, legal and tax advisory services, local governments, and medium-sized businesses.

Cybercriminals and state actors exploit these weaknesses to disseminate malware, conduct cyber espionage, and launch ransomware attacks.

The BSI’s study is a critical wake-up call for securing Microsoft Exchange servers against existing vulnerabilities.

Operators are strongly encouraged to update to the latest Exchange versions, install all available security updates, and configure their servers securely.

As cyber threats continue to evolve, the importance of proactive and comprehensive cybersecurity measures has never been more evident.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.


Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles