{"id":3942,"date":"2021-03-08T10:39:26","date_gmt":"2021-03-08T10:39:26","guid":{"rendered":"https:\/\/www.neam.de\/?p=19667"},"modified":"2021-03-08T10:39:26","modified_gmt":"2021-03-08T10:39:26","slug":"kritische-exchange-sicherheitsluecken-sofortiger-handlungsbedarf-laut-bsi","status":"publish","type":"post","link":"https:\/\/www.kai-wittenburg.de\/?p=3942","title":{"rendered":"Kritische Exchange-Sicherheitsl\u00fccken \u2013 sofortiger Handlungsbedarf laut BSI"},"content":{"rendered":"<div id=\"pl-19667\"  class=\"panel-layout\" >\n<div id=\"pg-19667-0\"  class=\"panel-grid panel-no-style\" >\n<div id=\"pgc-19667-0-0\"  class=\"panel-grid-cell\" >\n<div id=\"panel-19667-0-0-0\" class=\"so-panel widget widget_sow-image panel-first-child panel-last-child\" data-index=\"0\" >\n<div class=\"so-widget-sow-image so-widget-sow-image-default-d6014b76747a\">\n<div class=\"sow-image-container\">\n\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.neam.de\/wp-content\/uploads\/neam_microsoft_365_exchange.jpg\" width=\"1920\" height=\"500\" srcset=\"https:\/\/www.neam.de\/wp-content\/uploads\/neam_microsoft_365_exchange.jpg 1920w, https:\/\/www.neam.de\/wp-content\/uploads\/neam_microsoft_365_exchange-300x78.jpg 300w, https:\/\/www.neam.de\/wp-content\/uploads\/neam_microsoft_365_exchange-1024x267.jpg 1024w, https:\/\/www.neam.de\/wp-content\/uploads\/neam_microsoft_365_exchange-768x200.jpg 768w, https:\/\/www.neam.de\/wp-content\/uploads\/neam_microsoft_365_exchange-1536x400.jpg 1536w\" sizes=\"auto, (max-width: 1920px) 100vw, 1920px\" alt=\"\" \t\tclass=\"so-widget-image\"\/>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div id=\"pg-19667-1\"  class=\"panel-grid panel-no-style\" >\n<div id=\"pgc-19667-1-0\"  class=\"panel-grid-cell\" >\n<div id=\"panel-19667-1-0-0\" class=\"so-panel widget widget_sow-editor panel-first-child panel-last-child\" data-index=\"1\" >\n<div class=\"so-widget-sow-editor so-widget-sow-editor-base\">\n<div class=\"siteorigin-widget-tinymce textwidget\">\n<p><strong>Worum geht es?<\/strong> Sie haben es hoffentlich schon mitbekommen. In verschiedenen Versionen von Microsofts Exchange-Servern sind mehrere als kritisch eingestufte Schwachstellen identifiziert worden. Die IT-Security zehntausender Endger\u00e4te mit der Groupware-Software sei aufgrund dieser L\u00fccken angreifbar und &#8222;mit hoher Wahrscheinlichkeit bereits mit Schadsoftware infiziert&#8220;, so das Bundesamt f\u00fcr Sicherheit in der Informationstechnik (BSI). &#8222;Betroffen sind Organisationen jeder Gr\u00f6\u00dfe&#8220;, schreibt die Beh\u00f6rde.<\/p>\n<h3><span style=\"color: #009ddd;\"><a style=\"color: #009ddd;\" href=\"https:\/\/attendee.gotowebinar.com\/rt\/5013102733482125069\"  rel=\"noopener\">Microsoft 365 Sicherheitskonzept &#8211; jetzt zum kostenlosen Webcast anmelden<\/a><\/span><\/h3>\n<p>Allen Betreibern von betroffenen Exchange-Servern raten wir unisono mit dem BSI, sofort die von Microsoft bereitgestellten Sicherheitsupdates einzuspielen. Die damit geschlossenen Schwachstellen werden derzeit &#8222;aktiv von einer Angreifergruppe&#8220; per Fernzugriff ausgenutzt. &#8222;Zus\u00e4tzlich besitzen Exchange-Server standardm\u00e4\u00dfig in vielen Infrastrukturen hohe Rechte im Active Directory&#8220;, warnt das Amt. Mit relativ geringem Aufwand ist es m\u00f6glich, dass auch die gesamte Dom\u00e4ne kompromittiert wird.<\/p>\n<h3>Updates f\u00fcr Exchange Server<\/h3>\n<div class=\"inread\">\n<ul class=\"rte__list rte__list--unordered\">\n<li><span style=\"color: #009ddd;\"><a style=\"color: #009ddd;\" href=\"https:\/\/support.microsoft.com\/en-us\/topic\/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-2-2021-kb5000871-9800a6bb-0a21-4ee7-b9da-fa85b3e1d23b\"  rel=\"external noopener\">Exchange Server 2013 (CU 23)<\/a><\/span><\/li>\n<li><span style=\"color: #009ddd;\"><a style=\"color: #009ddd;\" href=\"https:\/\/support.microsoft.com\/en-us\/topic\/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-2-2021-kb5000871-9800a6bb-0a21-4ee7-b9da-fa85b3e1d23b\"  rel=\"external noopener\">Exchange Server 2016 (CU 19, CU 18)<\/a><\/span><\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-2-2021-kb5000871-9800a6bb-0a21-4ee7-b9da-fa85b3e1d23b\"  rel=\"external noopener\"><span style=\"color: #009ddd;\">Exchange Server 2019 (CU 8, CU 7)<\/span><\/a><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div id=\"pg-19667-2\"  class=\"panel-grid panel-no-style\" >\n<div id=\"pgc-19667-2-0\"  class=\"panel-grid-cell\" >\n<div id=\"panel-19667-2-0-0\" class=\"so-panel widget widget_sow-button panel-first-child panel-last-child\" data-index=\"2\" >\n<div class=\"so-widget-sow-button so-widget-sow-button-atom-5c9de4d82cbc\">\n<div class=\"ow-button-base ow-button-align-center\">\n\t<a href=\"mailto:%20vertrieb@neam.de\" class=\"ow-icon-placement-left ow-button-hover\"  rel=\"noopener noreferrer\" \t\t><br \/>\n\t\t<span><br \/>\n\t\t\t<span class=\"sow-icon-ionicons\" data-sow-icon=\"&#xf45d;\"\n\t\t ><\/span><br \/>\n\t\t\tUnterst\u00fctzung anfordern\t\t<\/span><br \/>\n\t<\/a>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div id=\"pg-19667-3\"  class=\"panel-grid panel-no-style\" >\n<div id=\"pgc-19667-3-0\"  class=\"panel-grid-cell\" >\n<div id=\"panel-19667-3-0-0\" class=\"so-panel widget widget_sow-editor panel-first-child panel-last-child\" data-index=\"3\" >\n<div class=\"so-widget-sow-editor so-widget-sow-editor-base\">\n<div class=\"siteorigin-widget-tinymce textwidget\">\n<p>Damit Admins ihre installierten Exchange-Server-Versionen z\u00fcgig pr\u00fcfen k\u00f6nnen, <a href=\"https:\/\/aka.ms\/ExchangeHealthChecker\"  rel=\"external noopener\">Microsoft ein Skript zum Download bereit<\/a>, mit dem Admins ihre installierten Exchange-Server Versionen pr\u00fcfen k\u00f6nnen. Mit den Sicherheitsupdates schlie\u00dfen die Entwickler au\u00dferdem drei weitere Schwachstellen (CVE-2021-26412, CVE-2021-26858, CVE-2021-27078).<\/p>\n<p>Hinweis: Selbst wenn die L\u00fccken bereits vergangene Woche gepatcht worden sind, besteht eine hohe Wahrscheinlichkeit, dass sich die Hackersoftware bereits auf einem anf\u00e4lligen Server befindet. Sehr gerne <span style=\"color: #009ddd;\"><a style=\"color: #009ddd;\" href=\"mailto:vertrieb@neam.de\"  rel=\"noopener\">unterst\u00fctzen<\/a><\/span> wir Sie auch hier.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Wir haben alle Updates von Microsoft f&uuml;r Ihren Exchange Server und helfen Ihnen bei kompromittierten Servern mit der Beseitigung von Schadsoftware.<\/p>\n","protected":false},"author":41,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20,5,6,3,7,76,18,852,4,12,17,15,16,14,8],"tags":[],"class_list":["post-3942","post","type-post","status-publish","format-standard","hentry","category-blog","category-bsi","category-isms","category-isms-bsi-iso-27001","category-iso27001","category-it-sicherheit","category-it-systeme","category-netzwerk-virtualisierung","category-notfallmanagement","category-penetrationstest","category-penetrationstests","category-risikomanagement","category-unternehmen","category-veranstaltungen","category-zertifizierung-audit"],"_links":{"self":[{"href":"https:\/\/www.kai-wittenburg.de\/index.php?rest_route=\/wp\/v2\/posts\/3942","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kai-wittenburg.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kai-wittenburg.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kai-wittenburg.de\/index.php?rest_route=\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kai-wittenburg.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3942"}],"version-history":[{"count":1,"href":"https:\/\/www.kai-wittenburg.de\/index.php?rest_route=\/wp\/v2\/posts\/3942\/revisions"}],"predecessor-version":[{"id":3943,"href":"https:\/\/www.kai-wittenburg.de\/index.php?rest_route=\/wp\/v2\/posts\/3942\/revisions\/3943"}],"wp:attachment":[{"href":"https:\/\/www.kai-wittenburg.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3942"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kai-wittenburg.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3942"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kai-wittenburg.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3942"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}