HomeWinBuzzer NewsEnd-of-Life Microsoft Exchange Servers Pose Significant Cybersecurity Threat

End-of-Life Microsoft Exchange Servers Pose Significant Cybersecurity Threat

20,000 Microsoft Exchange servers are vulnerable to cyberattacks due to outdated software. Experts recommend upgrading to supported versions

-

A significant number of Exchange email servers, approximating 20,000, have been identified as exposed to potential due to outdated software versions that no longer receive updates. The vulnerability mainly affects Europe, the United States, and Asia.

Implications of the Exposure

The affected mail systems include versions such as Exchange Server 2007, which have reached their end-of-life and thus are no longer supported by Microsoft with any security updates. These vulnerabilities are not merely theoretical; several, including ProxyLogon, have been exploited in past attacks.

Recommended Actions

Experts strongly recommend that organizations running these outdated servers prioritize upgrading to supported versions or applying available security measures. While certain mitigations may exist, without updates, the servers remain at risk, underscoring the urgent need for action to prevent potential breaches and data theft.

A recent report by The ShadowServer Foundation has unveiled that around 20,000 servers, still operational and available over the public internet, are running unsupported versions of the software. With the end-of-life status of these systems, they are prone to a host of security issues, including remote code execution flaws. Internet scans by The ShadowServer Foundation highlighted this alarming security lapse, noting that over half of these vulnerable systems are located in Europe, followed by significant numbers in North America and Asia.

ShadowServer says the following vulnerabilities have been observed:

The scan carried out by ShadowServer was supplemented by research from Macnica security researcher Yutaka Sejiyama, who discovered more than 30,000 instances of such unsupported Exchange servers. Echoing the gravity of the situation, Sejiyama comments on the slow rate of updates, finding that the global number of end-of-life Exchange servers decreased by only 18% since April from an initial figure of 43,656. This reduction pace is perceived as insufficient given the continued exploitation of these vulnerabilities.

A variety of remote code execution risks have been tied to these servers. Specifically, Sejiyama points out that about 1,800 Exchange systems are at risk from ProxyLogon, ProxyShell, or ProxyToken vulnerabilities. Even though not all have been given a critical severity score by Microsoft, the company has designated them as “important” and indicated most are “more likely” to be exploited.

For companies still operating on these outdated servers, mere implementation of mitigations is inadequate. Microsoft's best practice is to install updates on any servers facing the internet as a priority. If organizations are managing servers that have already reached their end of support, the only secure path forward is an upgrade to a supported version that receives at least security updates. The urgency of this issue underscores a critical need for businesses to reassess their strategy, particularly those employing legacy systems in their operations.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News