Dutch security agency says 1,200 ‘vulnerable’ Microsoft servers affected by security loophole as data stolen, emails sold online

Some 1,200 Microsoft email servers in the Netherlands are almost certainly infected, the country's National Cyber ​​Security Center (NCSC) said on Tuesday, as it urged companies to update their software and assess the damage.

If there are vulnerabilities in the Microsoft Exchange Server, it means that “data is stolen, malware is placed, back doors are built in and mailboxes are offered on the black market,” the NCSC said in a statement.

Cybercriminals may also be able to access other systems through Exchange, the NCSC warned, although it did not detail when specific attacks had been carried out or identify any victims.

Around 90 percent of the Netherlands’ Microsoft’s Exchange servers have been updated, but “a large number of servers remain vulnerable,” the NCSC said.

The agency’s warning comes after a Vietnamese security researcher last week published what appeared to be the first “proof-of-concept” demonstration of how malicious code can be used to exploit Exchange’s vulnerabilities.

The NCSC’s statement referred to the demonstration, the release of which was condemned by security analysts, who said it could be used to commit cybercrime.

“Organizations and companies that still need to update are advised to do this as soon as possible, and to investigate what damage has been done,” the NCSC said.

Microsoft’s email and calendaring software was also thrown into the spotlight after it was reported last week that hackers had launched an attack on the Norwegian parliament.

Data was stolen in the attack, which was related to a “vulnerability” in the Exchange software – the second such incident to hit the parliament in six months.

Like this story? Share it with a friend!