Once again, experts strongly advise patching in order to close the security holes
[datensicherheit.de, 14.04.2021] to me Correction Tuesday AM 13. April 2021 There have been some important updates for “Microsoft Exchange” – as well Hafnium The experts strongly advised you to install the patches. Contrary to this vulnerability, the warning from Come the US National Security Agency.
Tim Bergoff: Correct speed makes the difference between a secure and unsafe network!
Tuesday’s patch April 13, 2021 affected the security vulnerabilities in Exchange 2013, 2016, and 2019
On “Patch Day” yesterday, Microsoft closed two critical vulnerabilities affecting locally installed “Exchange” instances in 2013, 2016, and 2019. These vulnerabilities allow any program code to be executed on an affected system. Unlike the security holes that The hafnium group However, according to Microsoft, there are currently no indications of the vulnerabilities being actively exploited.
This distinguished these two vulnerabilities from the incident that occurred at the beginning of March 2021. At the time, it turned out that these vulnerabilities had been known to Microsoft for a long time – but decided to close them only later. A plan that was quickly revised after it became clear Tens of thousands of Exchange servers are attacked all over the world And it specifically surveyed for vulnerabilities. “
The US National Security Agency announced security flaws
According to existing patch release notes, this time the warning came from the US National Security Agency (NSA). This information is located at Microsoft “Disclosure of vulnerabilities” – projection Flowed.
“Hafnium is our second time, this time Apparently he survived. However, one thing is clear: when it comes to debugging, speed makes the difference between a secure and an insecure network., Betont Tim Berghoff, “Security Evangelist” in G.
Quickly install updates to fill security holes!
Less than a month after a total of seven vulnerabilities appeared in “Microsoft Exchange” and an urgent reminder to import updates immediately There is no doubt that everything is clear is being. On the contrary: Only a few successful attacks have been noticed, for example by installing ransomware on hacked systems.
Berghof: What the March events have in common with the current “Patchday” event is that updates should be installed as quickly as possible. The reason for this is that when the patch is available, criminals and others The attackers begin to do soTo search for weak systems in order to be able to target the uncorrected systems there. “
More information on this topic:
G DATA BlogTim Bergoff 04/14/2021
Microsoft Exchange: New security vulnerabilities discovered and closed
Microsoft Exchange Server: Endangered servers and limited patch speed / Palo Alto Networks provides an Expanse platform for analyzing attack surfaces like the current Microsoft Exchange Server
Successful Attack: Over Ten Thousand Affected On-premises Microsoft Exchange Servers / Exchange Online Service Unaffected – Thomas Jupe comments on the incident and offers advice