Thousands of Microsoft Exchange servers left open to attack
As many as 20,000 Microsoft Exchange servers could be at risk
Thousands of companies around the world are running extremely behind on updating their Microsoft Exchange email servers, putting their organizations at enormous risk of malware, data theft, ransomware, and other cyber threats.
A new report from The ShadowServer Foundation uncovered almost 20,000 internet-connected servers running versions of software that reached end-of-life (EoL) and are as such no longer receiving critical security updates.
These servers are located mostly in Europe (more than half), the United States (around 6,000), and different Asian countries (around 2,200), it was said.
Exploiting the flaws
But security researcher Yutaka Sejiyama from Macnica believe that the problem is even bigger than that. They took to Shodan to scan for vulnerable Exchange servers and found more than 30,000 endpoints, and that as of late November 2023, there were more than 26,000 instances of Exchange Server 2013, more than 4,000 Server 2010 instances, and 275 instances of Exchange Server 2007.
Earlier this year, in April, there were only 18% more vulnerable servers, which Sejiyama says is too slow of an upgrade rate.
“Even recently, I still see news of these vulnerabilities being exploited, and now I understand why. Many servers are still in a vulnerable state,” Sejiyama said.
Microsoft Exchange email servers are a popular target among cybercriminals as they allow them easy access into the target network, and often contain sensitive information such as login credentials, important communication, and vital files. In January this year, The ShadowServer Foundation warned that companies were too slow to patch their servers against ProxyNotShell, a vulnerability that allowed threat actors to execute malicious code, remotely.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The best way to remain secure against ProxyNotShell and other pests invading Exchange servers is to use the latest version of the software and keep it updated at all times.
Via BleepingComputer
More from TechRadar Pro
- Thousands of Microsoft Exchange servers are still vulnerable to this dangerous flaw
- Here's a list of the best firewalls today
- These are the best endpoint protection software right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.