Microsoft is closing further loopholes in the Exchange and Windows e-mail systems


After Microsoft closed vulnerabilities in the Exchange e-mail system in March, the problem appeared to be resolved, at least for the future, despite many infections. But now it is clear that not all security holes in the Exchange server were caught back then. The software group published updates for versions from 2013, 2016 and 2019 on Tuesday. Microsoft had already updated these in March. The reference to two of the four new problems came from the US secret service NSA.

You know no malware that already exploited the vulnerabilitiesexplained Microsoft. Nevertheless, the company recommended installing the updates immediately. The White House directed all US government agencies to do theirs Update your email server immediately. Vice security advisor Anne Neuberger emphasizes that the US government reported the vulnerability to Microsoft because of its responsibility.

Secret services are specifically looking for security holes in order to exploit them. In the US government apparatus there is a process in which it is weighed whether a vulnerability could become too dangerous for the general public if an intelligence agency kept it to itself.

The National Security Agency (NSA) is responsible for electronic espionage abroad. In 2017, a security hole discovered by the secret service was exploited by hackers to infect computers on a large scale with WannaCry blackmail software. Such programs encrypt the hard drive and charge a fee to release it. At that time, among other things, British hospitals and display boards of Deutsche Bahn were affected, although basic IT security practices could have protected them from WannaCry. The NSA came under criticism for failing to close the security gap.

According to estimates by IT security experts, the Exchange vulnerabilities that became known in March infected hundreds of thousands of e-mail servers worldwide. The attackers took advantage of the fact that the updates had to be installed manually – and not all Exchange customers reacted quickly and were not informed about the measures that companies had to take due to the Exchange hack.

According to Microsoft’s assessment, the security holes from the March update were initially exploited by Chinese hackers. Various other attackers were later added. In the event of a successful attack via the vulnerabilities, it was possible to access data from the e-mail system. Exchange servers can now be secured with just a few clicks using a new Microsoft tool.

In the meantime, the US Federal Police, the FBI, removed malware from “hundreds of computers” in the US by a court order that had been infected with the aid of the security holes that became known in March. Some operators of Exchange servers were not able to delete the backdoors set up by attackers in January and February, the US Department of Justice said.

Only servers that companies operate themselves are affected by the Exchange vulnerabilities. The online versions of the Exchange services were already protected.

By doing large package of security updates Microsoft closed more than 2,700 vulnerabilities on Tuesday. In addition to updates for the Exchange systems, this also includes the current Windows 10 and older operating systems such as Windows 7 and 8.1. There are also critical and important updates for Windows Server 2019, 2016, 2012, and 2008, as well as other products such as Outlook 2016, Office 2019, and Visual Studio. (with material from dpa) /


To home page