After it became known on Friday, December 10, 2021, all systems of the GWDG were checked for vulnerability and appropriate countermeasures were initiated. Systems on which immediate countermeasures were not possible for technical or organizational reasons were shut down or access was restricted as a precaution. Despite a rapid response and extensive analyses, it cannot be ruled out that individual systems are still affected or have already been compromised. Our investigations are still ongoing.
Responsible persons running services or software on GWDG infrastructure (e.g. vServers) are strongly advised to check their systems for this vulnerability as well. The BSI has published recommendations for action in the press release linked above.