Security News > 2021 > March > Microsoft: 92% of Exchange servers safe from ProxyLogon attacks
Roughly 92% of all Internet-connected on-premises Microsoft Exchange servers affected by the ProxyLogon vulnerabilities are now patched and safe from attacks, Microsoft said on Monday.
A total of 400,000 Internet-connected Exchange servers were impacted by the ProxyLogon vulnerabilities when Microsoft issued the initial security patches, on March 2, with over 100,000 of them still unpatched one week later, on March 9.
From around 82,000 unpatched Exchange servers on March 14, according to Microsoft, there are now roughly 30,000 still exposed to attacks around the world according to RiskIQ data.
Microsoft Defender Antivirus has been updated to automatically protect unpatched Exchange servers from ongoing attacks by automatically mitigating the actively exploited ProxyLogon bugs.
This month, Microsoft disclosed that four zero-days were actively being exploited in attacks against on-premises Microsoft Exchange servers.
Since Microsoft disclosed the ongoing attacks, Slovak internet security firm ESET has also discovered at least ten APT groups targeting unpatched Exchange servers.
News URL
Related news
- Microsoft 365 outage impacts Exchange Online, Teams, Sharepoint (source)
- New NachoVPN attack uses rogue VPN servers to install malicious updates (source)
- Microsoft re-releases Exchange updates after fixing mail delivery (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)