More than 247.000 Microsoft Exchange servers need to be informed to deal with vulnerability CVE-2020-0688, which allows remote code execution (RCE) and affects all Exchange Server versions.
RCE Vulnerability CVE-2020-0688 is located at Exchange Control Panel (ECP) component - which is enabled by default - and can be used by attackers who want to take control of vulnerable Exchange servers through valid e-mail credentials.
In March, both the CISA As well as the NSA urged organizations and companies to update their Microsoft Exchange servers as soon as possible, as many APT groups were already beginning to exploit the vulnerability.
61% of servers that are vulnerable have not been fixed
The number of exposed Microsoft Exchange servers is very large. 61,10% (247,986 out of 405,873 in total) of vulnerable servers are still exposed to ongoing attacks.
Security researchers Rapid7 found that 87% of 138.000 Exchange 2016 servers and 77% of approximately 25.000 Exchange 2019 servers were exposed to vulnerability CVE-2020-0688.
Also vulnerable, according to Rapid7, are 16.577 Exchange 2007 servers accessible via the Internet. This is a version that is no longer supported, so it has not received any updates security.
Users must update Microsoft Exchange servers
IT staff and system administrators should update Exchange servers and check for signs violation.
According to Bleeping Computer, Microsoft has stressed that there is no alternative way to mitigate the risk associated with CVE-2020-0688 vulnerability. All users can do to protect themselves is to install the updates.
In the table below, there are links that lead to updates security for vulnerable versions of Microsoft Exchange Server:
|Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30||4536989||Security Update|
|Microsoft Exchange Server 2013 Cumulative Update 23||4536988||Security Update|
|Microsoft Exchange Server 2016 Cumulative Update 14||4536987||Security Update|
|Microsoft Exchange Server 2016 Cumulative Update 15||4536987||Security Update|
|Microsoft Exchange Server 2019 Cumulative Update 3||4536987||Security Update|
|Microsoft Exchange Server 2019 Cumulative Update 4||4536987||Security Update|