Thousands of Microsoft Exchange servers remain unpatched against major threat - here's what to do to stay safe
Date:
Tue, 12 Aug 2025 16:47:00 +0000
Description:
Improper authentication bug found in Microsoft Exchange hybrid environments that could grant threat actors lateral movement across the network.
FULL STORY
======================================================================
Microsoft sounded the alarm on a hybrid Exchange bug in early August 2025
However, almost 30,000 instances remain vulnerable
Microsoft has advised users how to defend their endpoints, so patch now

Almost a week after Microsoft publicized finding and patching a dangerous, high-severity flaw in hybrid Exchange deployments, experts have warned thousands of endpoints remain vulnerable.
The Shadowserver Foundation, a nonprofit organization dedicated to empowering the cybersecurity community, claims 29,000 Exchange servers remain unpatched and exposed online, basically inviting threat actors to break in and cause trouble.
Matters could be even worse as activity from on-prem Exchange doesn't always generate logs associated with malicious behavior in Microsoft 365, which could result in cyberattacks not being spotted via cloud-based auditing.

Escalating privileges

Microsoft has urged customers to be on high alert for an improper authentication bug, which could allow threat actors with admin access to an on-prem Exchange Server to escalate privileges into the connected Exchange Online environment due to trust flaws in shared service principal configurations.
Of the affected servers, 7,200 are located in the United States, 6,700 are in Germany, and around 2,500 are in Russia.
A hybrid Microsoft Exchange deployment combines on-premises Exchange servers with Exchange Online in Microsoft 365, allowing them to work together as one system. It lets organizations support seamless email, calendar, and contact sharing across both environments.
"In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the organization's connected cloud environment without leaving easily detectable and auditable trace," Microsoft said.
Both Exchange Server 2016 and Exchange Server 2019 are affected, and so is Microsoft Exchange Server Subscription Edition.
Even though there is no evidence of abuse in the wild yet, Microsoft has urged its customers to apply April 2025 hotfixes, transition to the dedicated Exchange Hybrid app, and reset the shared service principal's credentials to mitigate the risk.
Via BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/pro/security/thousands-of-microsoft-exchange-servers-remain-unpatched-against-major-threat-heres-what-to-do-to-stay-safe
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)