Software & Equipment Notifications
Important Announcements and Security Updates

WS_FTP Server Software Notification

Important Notification: Potential Vulnerability

BlueCrest provided DC Verify servers with WS_FTP Server software installed may be at risk of potential vulnerabilities.

The WS_FTP software is a qualified 3rd party software application that is at times used for file transfers between client servers and inserter operations (DC Verify File Server) to bring inserter mail run files down into the inserter environment for processing.

The security and integrity of your data are of utmost importance to us. Please be advised of the steps BlueCrest is taking and that you may be required to take to address this potential vulnerability.

Further information on this software vulnerability can be found at: https://www.ipswitch.com/blog/security-update-for-ws_ftp-server-customers?_ga=2.57501226.1220009387.1697632712-1980354733.1697632712.

To ensure the safety of your servers, we kindly request your prompt cooperation.

Affected BlueCrest DC Verify Servers

• Windows Server 2022 & 2016
  If your server is maintained under a BlueCrest Equipment Maintenance Agreement (EMA), please note that we are proactively working with your BlueCrest service team to assess and remediate the vulnerability, as and if required. If your server is not maintained under an EMA or you are not certain whether the server is maintained under an EMA, please contact your BlueCrest service representative or BlueCrest service support at the email address noted below.
  
  
• Windows Server 2012 & 2008 (OLDER End-of-Service Platforms)
  These server versions are very old and prior EOS (End of Service) communications have been announced. It is highly recommended that IF any of these servers are still onsite that they be immediately (i) disconnected from the internet and (ii) replaced to address the risk.

We understand the urgency of this matter and are committed to providing any necessary guidance and recommended actions to mitigate potential risk. If you have any questions or need further assistance, please do not hesitate to contact BlueCrest service support at wsftp.support@bluecrestinc.com or your BlueCrest account representative.

Your security is our top priority, and we appreciate your immediate attention to this matter.

Thank you for your cooperation in safeguarding your systems against potential vulnerabilities.