Watchdog says some Microsoft Exchange servers in Canada affected by security gap

Published March 17, 2021 at 9:32 pm

Anthony Urciuoli/ photo

Canada’s main cybersecurity watchdog has issued another warning that organizations of all sizes need to protect themselves from a recently discovered vulnerability in Microsoft Exchange email servers.

The Canadian Centre for Cyber Security said it has received reports that some Microsoft Exchange servers in Canada haven’t been updated with software patches that close a security gap that was confirmed earlier this month.

“The Cyber Centre has received reporting that continue to show unpatched systems internationally, including within Canada. Some of these systems within Canada have been further compromised with malware,” the centre said on its website.

The alert is the third from the Canadian Cyber Security Centre since early March, when Microsoft published several security updates for Exchange email servers.

Microsoft Exchange servers are widely used around the world to handle email for businesses and public sector organizations.

According to The Associated Press, the head of German government’s cybersecurity agency issued a similar warning to IT system administrators on Friday.

At the time, the German cybersecurity authority said there were 20,000 known open systems in that country.

Canada’s most recent warning to IT professionals, dated Tuesday, didn’t say how many systems in this country still required patches.

However, it did mention the threat posed by a new family of ransomware, known as DearCry, that Microsoft identified in a Tweet on March 11.

David Paddon, The Canadian Press

INsauga's Editorial Standards and Policies