High time to fix the security vulnerabilities in Microsoft Exchange Servers

16.02.2022 - The NCSC strongly urges businesses and communes to install the security patches for Microsoft Exchange Servers. The security vulnerabilities in Microsoft Exchange Servers, which have been known for a long time, are being actively exploited by cybercriminals to install encryption Trojans, for example.

Businesses often use Microsoft Exchange Server to enable digital collaboration via email. For some time now, Exchange Server has had various security vulnerabilities that are already being actively exploited by cybercriminals. Microsoft already made security updates (patches) available for the security vulnerabilities months ago.

NCSC calls for security patches to be installed

Last year, the National Cybersecurity Centre (NCSC) emailed over 4,500 businesses and communes about the security vulnerability and included instructions on how to remedy it. However, despite several follow-up attempts, not all affected parties have yet taken the necessary action. In the past few days, the NCSC has been informed by international partners that dozens of businesses and communes have still not applied the security patches. They have now been sent a registered letter requesting them to take the necessary security precautions immediately.

Security vulnerabilities are being actively exploited

The existing vulnerability is classified as critical, as it allows an attacker to remotely execute malicious code on the server and thus compromise it.

In recent months, the NCSC has become aware of many cases in which such vulnerabilities were exploited as a gateway for encryption Trojans (ransomware), for sending malware and for mining cryptocurrencies.

Recommended measures

The NCSC therefore urgently advises installing the latest security updates (patches) on Microsoft Exchange Servers. In addition, the following measures are recommended:

  • Ensure that the Windows operating system and Exchange Server CU versions you are using continue to receive the latest security patches and always install them promptly and systematically.
  • Make sure that up-to-date virus protection is installed on your Exchange Server and carry out a complete system scan.
  • Check your Exchange landscape using the Health Checker provided by Microsoft:

Further information on information security for SMEs can be found in the online factsheet:

The international vulnerability management organisation, MITRE, has published all known vulnerabilities concerning Microsoft Exchange Server on its website:

Last modification 16.02.2022

Top of page

https://www.ncsc.admin.ch/content/ncsc/en/home/aktuell/im-fokus/2022/schwachstelle-exchange-server.html