Home » Technology » Microsoft » Warning: Microsoft Will Update Unpatched Exchange Servers

Warning: Microsoft Will Update Unpatched Exchange Servers

There are still numerous security problems caused by unpatched Exchange servers. Microsoft is now urging customers to carry out the security updates that have been available for a long time in order to be prepared for waves of attacks with ProxyShell and ProxyLogon.

Microsoft is now requiring admins to patch and secure their Exchange servers on-premises. This renewed warning comes after emergency security updates were issued to close the ProxyLogon vulnerabilities. The vulnerability was actively exploited in attacks almost unnoticed two months before the release of the official patches.

At least ten hacker groups have specialized in the so-called ProxyLogon vulnerabilities for various purposes. They penetrate company networks, steal data, encrypt systems, and demand ransom for the data shares.

Exchange servers are highly desirable targets

The background is that tens of thousands of Exchange servers are still waiting to be secured. According to an analysis by the security company Prodaft, Exchange servers are very popular targets that are currently being attacked primarily by the hacker group FIN7. To do this, FIN7 operates an automated attack platform called Checkmarks, which was specially developed for penetrating Exchange servers.

Attackers have a clear field

The attackers automatically scan the Internet for vulnerable targets. More than 8,000 companies could now be the focus of hackers, reports Prodaft. Prodaft isn’t the only company warning of the threats with such numbers. A week after Microsoft released security updates, the Dutch Institute for Vulnerability Disclosure (DIVD) still found 46,000 servers that were not patched against the ProxyLogon bug.

This shows how many companies are exposed to such attacks and how secure the data (including that of customers) is. Microsoft should therefore be quite concerned. However, the group also knows that the Exchange update process prevents many administrators from installing updates. Therefore, Microsoft is already rethinking automatic server updates.