Friday, July 3, 22:30
Home security 80% of Microsoft Exchange Servers have not received a patch for a critical error!

80% of Microsoft Exchange Servers have not received a patch for a critical error!

Η Microsoft recently corrected a critical remote code execution error in Microsoft Exchange Server. This error allows hackers to use accounts Exchange users to breach the system. More specifically, this error is found in the Exchange control panel (ECP), which can be used for management mailboxes, distribution teams, contacts from the mailbox and other items related to the organization level. According to research conducted by Rapid 7 with Project Sonar, more than 350.000 Exchange Servers that displayed this error were exposed to the Internet. The Project Sonar is a tool used by the security company to conduct various online surveys services and protocols to detect any errors.

The results of the research conducted by Rapid 7 with Project Sonar showed that more than 430.000 Exchange Servers were found to be connected to Internet, while at least 360.000 of them, or about 82.5%, made a mistake. The company said the remote and uncertified control however, it does not provide exact details about these data and therefore cannot be absolutely certain of the results. He also noted that the relevant update security Microsoft does not always update the build number, which leads to uncertainty. The company also said that more than 30.000 Exchange Servers of 2010 have been updated since 2012, while 800 Exchange Servers have never been updated.

Already many APT hackers attempt to exploit a remote code execution error detected on exchange email servers and recently received patches. According to Microsoft, the error was due to a vulnerability in the memory of the Microsoft Exchange, which could be used by hackers, by sending malicious messages. emails on vulnerable Exchange Servers. Microsoft has fixed it vulnerability in February 2020, advising users to make the appropriate updates to address it.


Please enter your comment!
Please enter your name here

Every accomplishment starts with the decision to try.


Avaddon ransomware: Attacks through Excel 4.0 macros

Microsoft announced yesterday that Avaddon ransomware spread this week through an old technique that came to the fore again. The...

Apple: Prohibits updating Chinese Apps without permission

Apple is banning developers from updating existing apps in China's App Store if they don't have government approval.

Australia: Thousands of MyGov accounts are sold on the Dark Web

Access to more than 3600 MyGov accounts is being sold on the dark web, potentially exposing thousands of Australians to fraud and identity theft.

Party Time: Watch TV with your friends online

Party Time: Watch TV with your friends on the internet Time for a different party than you are used to, watching your favorite ...

CISA and FBI warn businesses of Tor's risks

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a warning to businesses regarding ...

openSUSE: The new Leap 15.2 hard drive has been released

Recently, the next stable version of the openSUSE operating system was released. According to the development team of the operating system, ...

What are the most popular types of malware?

Researchers are looking for the most common types of malware. During the investigation of the malicious activities, the researchers in cyberspace focus ...

REvil ransomware: Target the Light SA electricity company

The operators of REvil ransomware (also known as Sodinokibi) violated the Brazilian electricity company Light SA ...

LinkedIn: Our bug is due to an iOS problem

A representative of LinkedIn told ZDNet yesterday that an error in the iOS application was responsible for a seemingly "interfering behavior" that ...

Valak Info Stealer targets businesses in Europe and America

Many businesses in North and South America, but also in Europe, have fallen victim to the infamous Valak Info Stealer.