![[Germany] High incidence of vulnerable internet-exposed Microsoft Exchange servers](http://globalpayrollassociation.com/cdn/shop/articles/bigstock-Munich--Germany--February---231727957_0fd2429b-f89d-426f-beec-910d88c5c040_1200x.jpg?v=1711604701)
In Germany, the Federal Office for Information Security (BSI) has confirmed that nearly 17,000 internet-exposed Microsoft Exchange servers across the country have significant security issues, SC Media reports.
According to reporting from BleepingComputer, healthcare providers, tax consulting firms, academic entities and medium-sized companies across Germany have been leveraging the vulnerable Exchange servers.
The BSI said these include outdated Exchange 2010 and 2013 implementations, together with Exchange 2016 and 2019 instances that have been unpatched for four months or longer.
"As early as 2021, the BSI warned several times against the active exploitation of critical vulnerabilities in Microsoft Exchange and temporarily called the IT threat situation 'red.' Nevertheless, the situation has not improved since then, as many Exchange server operators continue to act very carelessly and do not release available security updates in a timely manner," the BSI said.
It has reportedly recommended immediate upgrades to newer Microsoft Exchange versions and application of the latest available patches.
Source: SC Media
(Link and quotes via original reporting)
In Germany, the Federal Office for Information Security (BSI) has confirmed that nearly 17,000 internet-exposed Microsoft Exchange servers across the country have significant security issues, SC Media reports.
According to reporting from BleepingComputer, healthcare providers, tax consulting firms, academic entities and medium-sized companies across Germany have been leveraging the vulnerable Exchange servers.
The BSI said these include outdated Exchange 2010 and 2013 implementations, together with Exchange 2016 and 2019 instances that have been unpatched for four months or longer.
"As early as 2021, the BSI warned several times against the active exploitation of critical vulnerabilities in Microsoft Exchange and temporarily called the IT threat situation 'red.' Nevertheless, the situation has not improved since then, as many Exchange server operators continue to act very carelessly and do not release available security updates in a timely manner," the BSI said.
It has reportedly recommended immediate upgrades to newer Microsoft Exchange versions and application of the latest available patches.
Source: SC Media
(Link and quotes via original reporting)