Cyber security news for all

More

    Microsoft’s groupware is vulnerable to various vulnerabilities

    More than 350.000 exchange servers accessible over the internet are still vulnerable despite security updates. Microsoft already released patches in early February. Attackers have been actively scanning for vulnerable systems since the end of February. Even if Microsoft only classified the patches as important in a post, admins should react now and update their exchange servers immediately.

    The Scan Revealed Alarming Numbers

    At least 300.000 have not yet been patched. In a post, they explain that the patch from Microsoft does not always update the build number reliably, making it difficult to read vulnerable servers. As a result, many exchange servers have not been updated for 7-8 years. In addition, the security researchers came across almost 10.000 exchange servers. Since support for this version has expired in 3 years ago, there have been no security updates since then.

    In order for a successful attack to occur, users must open a specially designed document or have it displayed in the Windows preview window. Microsoft classifies the vulnerability as critical. There were limited and targeted attacks that attempted to exploit the vulnerability.

    The company advises to deactivate the preview window and the detail area on affected Windows versions. This prevents the automatic display of fonts.

    However, much more damage is expected because the vulnerability can survive if many servers are not set correctly. The wave of attacks could continue until summer. The virus can only attack servers that work with Microsoft information server. The system uses a security hole that has been known for a long time and can also be closed with a patch. Even so, a large number of system administrators, despite ongoing warnings from security experts, have apparently missed the gap.

    Recent Articles

    Unclear cyber attacks that target Covid-19 vaccine campaign

    Security researchers have discovered some cyber attacks that are targeted against the delivery of vaccine against COVID. The targeted attacks began in 2 months...

    New malware called Egregor is on the rise

    New malware is on the rise. The Egregor malware has only been in active for 2 months, but it is already becoming apparent that...

    Anyone with a smartphone can become a victim of cyber-mobbing

    Cyber-mobbing is becoming a huge risk in the current COVID crisis. According to a study, almost 20 percent of students in Germany are exposed...

    macOS Trojans: Traces lead to Vietnam

    Security researchers have discovered a new macOS Trojans. Behind this could be a well known hacker group that has spied on Vietnamese dissidents in...

    Court forces Tutanota to perform a surveillance function

    Tutanota email only stores its user mails in encrypted form and cannot read them itself. Tutanota is one of the few email providers that...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox