"85K+ MS Exchange Servers Remain Vulnerable to Severe RCE Bugs"
According to researchers at Cybernews, months after Microsoft urged organizations to update their software to address Exchange server vulnerabilities, over 85,000 servers remain vulnerable to attack. Russia-linked malicious actors have exploited similar vulnerabilities to conduct large-scale attacks against government agencies. Microsoft discovered new vulnerabilities in Microsoft Exchange on February 14 and called on software users to patch them by installing the most recent security updates. The Remote Code Execution (RCE) vulnerabilities, tracked as CVE-2023-21529, CVE-2023-21706, and CVE-2023-21707, can allow attackers to execute malicious code and access other users' private emails and inboxes. The only requirement for an adversary to access the server is a Microsoft Exchange account, which is not difficult, since the attacker could be a malicious employee, student, or other user. Threat actors could also attempt a phishing attack on a single user and, if successful, gain access to the organization's email system. Although access to confidential and private information is the primary concern, the vulnerabilities could also be exploited for initial network access to launch ransomware or extract sensitive data from other servers on the same network. This article continues to discuss the more than 85,000 Microsoft Exchange servers that remain vulnerable to RCE flaws.
Cybernews reports "85K+ MS Exchange Servers Remain Vulnerable to Severe RCE Bugs"