Network Security, Vulnerability Management, Email security

Germany: Vulnerable internet-exposed Microsoft Exchange servers prevalent

Nearly 17,000 internet-exposed Microsoft Exchange servers across Germany were confirmed by the country's Federal Office for Information Security, or BSI, to have significant security issues, reports BleepingComputer.

Numerous healthcare providers, tax consulting firms, academic entities, and medium-sized companies across Germany have been leveraging the vulnerable Exchange servers, which include outdated Exchange 2010 and 2013 implementations, as well as Exchange 2016 and 2019 instances that have been unpatched for four months or longer, according to the BSI.

"As early as 2021, the BSI warned several times against the active exploitation of critical vulnerabilities in Microsoft Exchange and temporarily called the IT threat situation 'red.' Nevertheless, the situation has not improved since then, as many Exchange server operators continue to act very carelessly and do not release available security updates in a timely manner," said the BSI.

The agency has recommended immediate upgrades to newer Microsoft Exchange versions and application of the latest patches.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.