Security News > 2021 > March > Microsoft Exchange Servers See ProxyLogon Patching Frenzy

The patching level for Microsoft Exchange Servers that are vulnerable to the ProxyLogon group of security bugs has reached 92 percent, according to Microsoft.

Our work continues, but we are seeing strong momentum for on-premises Exchange Server updates: 92% of worldwide Exchange IPs are now patched or mitigated.

The good news on patching comes as a whirlwind of ProxyLogon cyberattacks has hit companies across the globe, with multiple advanced persistent threats and possibly other adversaries moving quickly to exploit the bug.

Microsoft said in early March that it had spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange servers.

"If for some reason you cannot update your Exchange servers immediately, Microsoft has released instructions for how to mitigate these vulnerabilities through reconfiguration - here, as they recognize that applying the latest patches to Exchange servers may take time and planning, especially if organizations are not on recent versions and/or associated cumulative and security patches," he said.

Vectra's Tavakoli noted that the mitigation guides and tools Microsoft has supplied don't necessarily help post-compromise - they are intended to provide mitigation in advance of fully patching the Exchange server.

News URL

https://threatpost.com/microsoft-exchange-servers-proxylogon-patching/165001/