BSI: Thousands of MS Exchange servers with critical vulnerabilities
The BSI – Federal Office for Information Security – has warned several times in the past about vulnerabilities in Exchange and recommended that the security updates provided be installed promptly. But old systems are still not patched and a new vulnerability has already been published. There are currently around 45.000 Microsoft Exchange servers in Germany operating with Outlook Web Access (OWA) that can be accessed openly from the Internet. According to the BSI's findings, around 12% of these are still running Exchange 2010 or 2013. Security updates have no longer been available for these versions since October 2020 or April 2023...