BSI warns: several vulnerabilities in MS Exchange

Our system was updated immediately and is therefore not affected.

2021/03/05

The German Federal Office for Information Security (BSI) has issued a warning about vulnerabilities in Microsoft Exchange. On the night of Wednesday, 3 March 2021, Microsoft released important security updates for Exchange Server outside its regular update schedule.

+++ UPDATE +++ (10.03.2021)

Updated documents

+++ UPDATE +++ (08.03.2021)

The warning level for the Exchange vulnerabilities has now been raised from “Orange” to “Red”. The BSI assumes that every system that has not been updated is already compromised. Please also see the updated document at the end of this news item.

Admins should urgently check their systems. Microsoft provides appropriate check scripts for this purpose. You can also find more information here.

The security updates close four vulnerabilities that are already being exploited in combination for targeted attacks and that allow attackers to siphon off data or install further malware.

According to Microsoft, successful attackers could compromise entire servers running the groupware software and, for example, view internal e-mails and appointments. Our system was updated immediately; the vulnerabilities therefore do not affect the central TU and HRZ groupware.

More detailed information is available in the official BSI notification (PDF) and the info brochure “detection and reaction” (PDF).