IT-Security: New vulnerabilities discovered in Microsoft Exchange Server

After further critical security vulnerabilities were discovered, Microsoft provides corresponding patches. Fast action is required.

Since 13.04.2021, Microsoft has again been offering patches for the Exchange Server e-mail program. The new update is particularly relevant for Exchange Server versions 2013, 2016 as well as 2019 and is intended to close newly identified IT security vulnerabilities. Microsoft recommends that affected companies install the updates immediately. Companies using older Exchange Server versions are recommended to update them immediately. However, since Exchange Servers are currently the special focus of attackers, there is a high probability that they will be exploited soon, warns the German Federal Office for Information Security (BSI).

Due to the widespread use of Microsoft Exchange software by companies, government agencies and public institutions, security vulnerabilities are particularly explosive. The BSI had already published a security warning at the beginning of March and, due to the threatening situation, warned thousands of potentially affected companies in writing.
Since then, many companies have already reacted and installed the updates provided in March. But the question of whether and to what extent their own systems were affected is often not answered.

To cope with a cyber incident, many companies rely on qualified service providers

Due to high economic risks caused by a possible data leakage, fast and thorough action is required. At the same time, for companies potentially affected by such a cyber incident, this is often a special situation and the forensic investigation of possible damage is not mastered with their own resources. Many companies are therefore dependent on professional support in IT security when dealing with such a cyber incident. This often also involves being able to assert insurance claims in the event of damage. Warth & Klein Grant Thornton, with which Hanse Consulting is associated, is one of the qualified APT (Advanced Persistent Threat) response service providers recommended by the BSI, offering support in forensic security and analysis.

Together with Warth & Klein Grant Thornton specialists, Hanse Consulting successfully scanned affected customers’ systems for compromise back in March.

  • With the development of an analysis tool and subsequent analysis of relevant log files, Hanse Consulting provided important indicators for determining a possible compromise.
  • Based on Hanse Consulting’s analysis results, WKGT’s forensics experts were able to trace the modus operandi of the cyberattacks in the customer systems and, based on this, determine the extent to which data leaks had occurred.

We can support you! IT security services from Hanse Consulting and Warth & Klein Grant Thornton in the event of a cyber incident:

  • Immediate response to an IT security incident (cyber incident response).
  • Technical analyses of the affected systems
  • Digital forensics
  • Crisis communications

Should you require support in the event of a possible cyber incident or have any questions on the subject, HANSE Consulting, together with the experts in Dr. Florian Scheriau’s team, will be happy to assist you.

Your experts from HANSE Consulting
Frank Walkowiak, Senior Consultant and Dr. Marcus Engels, Managing Director