BONN (dpa-AFX) – The Federal Office for Information Security (BSI) warned thousands of companies Friday to plug security holes in the Exchange Server email program that became known this week. Microsoft as the developer provided updates Wednesday that closes the vulnerability. However, the update must be installed by the customer.
BSI announced that it has contacted the management of 9,000 companies as part of its commitment to increasing IT security in small and medium-sized businesses. The agency responsible for IT security warned the federal government, among other things, “The actual number of systems at risk in Germany is likely to be much higher.”
On Wednesday, Microsoft warned that the four previously unknown vulnerabilities are being exploited by Chinese hackers. The hacking group, which Microsoft calls “Hafnium”, wanted to use the vulnerabilities primarily to gain access to information in the United States. The goals were, among other things, to search for infectious diseases as well as universities, law firms and defense companies. The attacks were targeted, and Microsoft had no evidence of private clients being attacked either.
According to Microsoft, 2013, 2016, and 2019 Exchange Server releases are affected. Exchange is used by many companies, organizations, and educational institutions as an email platform. In the event of a successful attack via the vulnerabilities, it is possible to access data from the email system. Microsoft has been informed of security gaps by IT security researchers.
According to Microsoft, the “Hafnium” group operates from China – but it used the infrastructure in the United States to launch the attacks.
/ So / dp / it
“Professional food nerd. Internet scholar. Typical bacon buff. Passionate creator.”
