16.05.2022 - The NCSC has sent registered letters to more than 200 companies to notify and warn them once again about vulnerable Microsoft Exchange servers. The security vulnerability was discovered quite some time ago and is being actively exploited by cybercriminals.
The security vulnerability in Microsoft Exchange servers was discovered more than a year ago and patches are available. And yet numerous systems are still vulnerable.
Warning by registered letter
For this reason, the NCSC sent registered letters to over 200 companies and individual communes at the weekend to warn them once again about the security vulnerability. The NCSC is not disclosing the recipients of the letters for security reasons. Some of the companies have still not patched the security vulnerability, which was discovered quite some time ago. However, the recipients also include companies that were notified by the NCSC a while ago, reacted and applied the security updates at that time, but have not applied any patches since then. As new security vulnerabilities have emerged in the meantime, their systems are vulnerable again and thus potentially exposed to an attack.
Important: Regularly apply security patches
Security patches need to be applied regularly and should be installed at least once a month. In the case of critical security vulnerabilities, for instance those that can be exploited for remote code execution (RCE), the necessary security patches should be applied as quickly as possible, ideally within a few hours.
Aside from the Microsoft Exchange notifications, the NCSC also began last week to inform companies and authorities by registered post about critical vulnerabilities in other products such as SonicWall and F5.
With such information and warnings, the NCSC wishes to raise awareness of the importance of cybersecurity among companies and authorities. Cybersecurity is a joint task of the state, the private sector, research and development, and the general public. Everyone must play their part to ensure that Switzerland has the best possible protection against cyberattacks.
Last modification 16.05.2022