Many Exchange Servers Are Still Vulnerable to Remote Exploit

A privilege-escalation vulnerability patched in February by Microsoft continues to affect Exchange servers, with more than 80% of Internet-connected servers remaining vulnerable, one firm reports.

Almost four months after Microsoft patched a serious vulnerability in Microsoft Exchange servers, more than 350,000 Internet-connected servers continue to be vulnerable to the privilege escalation flaw, according to a report published on Wednesday.


While Microsoft patched the issue (CVE-2020-0688) in February, more than 80% of Internet-connected Microsoft Exchange servers remain vulnerable, requiring attackers to find or phish only a single valid credential to completely compromise a company's email system, threat-protection firm Rapid7 stated in its "2020: Q1 Threat Report." According to the company's scan data, only 7,000 systems — about 2% of the total — have been patched in the four weeks between the end of March and end of April, indicating that companies are not prioritizing the issue.


While Microsoft has only rated the vulnerability as "important," attackers' focus on collecting credentials means that the barrier to exploiting the vulnerability is actually quite low, says Wade Woolwine, principal security researcher at Rapid7.


"This vulnerability gives attackers something to do with all those credentials that they have phished from your employees," he says. "It's really important for companies to patch these types of vulnerabilities, even if they are on a defined 30-day patch cycle."


Email and messaging servers are a popular target of sophisticated hackers and state-sponsored espionage actors. Russia's military intelligence agency, for example, has targeted vulnerable EXIM mail servers, exploiting them to gain access to the contents of organizations' e-mail messages. Two years after Microsoft closed security holes in the Outlook mail client, Iranian hackers continued to atte ..
