Security News > 2021 > March > Microsoft: 92% of Exchange servers safe from ProxyLogon attacks
Roughly 92% of all Internet-connected on-premises Microsoft Exchange servers affected by the ProxyLogon vulnerabilities are now patched and safe from attacks, Microsoft said on Monday.
A total of 400,000 Internet-connected Exchange servers were impacted by the ProxyLogon vulnerabilities when Microsoft issued the initial security patches, on March 2, with over 100,000 of them still unpatched one week later, on March 9.
From around 82,000 unpatched Exchange servers on March 14, according to Microsoft, there are now roughly 30,000 still exposed to attacks around the world according to RiskIQ data.
Microsoft Defender Antivirus has been updated to automatically protect unpatched Exchange servers from ongoing attacks by automatically mitigating the actively exploited ProxyLogon bugs.
This month, Microsoft disclosed that four zero-days were actively being exploited in attacks against on-premises Microsoft Exchange servers.
Since Microsoft disclosed the ongoing attacks, Slovak internet security firm ESET has also discovered at least ten APT groups targeting unpatched Exchange servers.
News URL
Related news
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)
- New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks (source)
- Microsoft issues 117 patches – some for flaws already under attack (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
- Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)