Rapid Patching of Microsoft Exchange Servers
As attacks against vulnerable Microsoft Exchange servers are happening rapidly, system admins are advised to apply the patches immediately to avoid falling victim to the hacks. This has included many warning notices from security agencies, law enforcement, and government boards.

It all started when Microsoft discovered four zero-day vulnerabilities in its Exchange servers, which could let an attacker break in, exfiltrate data, and carry out further exploitation. While Microsoft released patches quickly after finding the flaws, it has been hard for researchers to convince system admins of the seriousness of the incident.

The UK's cyber watchdog has said that at least half of the 7,000 Exchange servers in the UK remained vulnerable, and there are hundreds of thousands of such servers around the world in the same situation. But now the situation seems to be improving, since the latest statistics from RiskIQ revealed that around 92% of Exchange server IPs have been patched.
— Security Response (@msftsecresponse) March 22, 2021

RiskIQ has been working with Microsoft since day one of this incident and has been tracking the affected systems online. The latest statistics show a good improvement, a 43% increase from last week, hinting that system admins are finally taking the attacks seriously.

Microsoft has released patches for Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019. It has also shared mitigation measures and launched a one-click mitigation tool for safeguarding vulnerable Exchange servers against the hacks. Further, Windows Defender has been revamped to detect and mitigate the attacks.