1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Thousands of Microsoft servers are at risk from some serious secu

    From TechnologyDaily@1337:1/100 to All on Wed May 10 18:30:04 2023
    Thousands of Microsoft servers are at risk from some serious security bugs

    Date:
    Wed, 10 May 2023 17:12:08 +0000

    Description:
    IT teams are super slow at patching, putting their endpoints at serious risk.

    FULL STORY ======================================================================

    IT teams operating Microsoft Exchange servers are very slow at patching their endpoints, resulting in thousands of devices still being vulnerable to some high-severity flaws.

    This is according to a new report on CyberNews, which claims more than 85,000 servers are still exposed to multiple remote code execution (RCE) vulnerabilities, namely CVE-2023-21529, CVE-2023-21706, and CVE-2023-21707.

    The report has described the flaws as extremely dangerous due to the fact
    that they can allow the threat actors to run malicious code and compromise peoples inboxes and email messages sitting on the servers. Disregarding the threat

    The flaws were discovered in mid-February 2023, with Microsoft being quick to release a patch to address the issue.

    However, many IT teams are yet to apply these patches, theyre saying. In
    fact, as per Shadowserver Foundation data, the number of vulnerable servers
    in February was 87,000, meaning the vast majority of IT teams basically disregarded this security threat and simply decided not to apply the fix.

    The researchers analyzed roughly 250,000 internet-connected Microsoft
    Exchange servers and found exactly 85,261 to be exposed to these RCE flaws (34.33%). Most of the vulnerable servers were located in Germany - 18,000 of them.

    The US is second-placed with almost 16,000 servers, followed by the UK (3,734), France (2,959), and Russia (2,775). Russia and China were particularly interesting, as companies in these countries preferred older versions of MS Exchange 2016, although newer versions were still used in the 2019 and 2013 releases, the researchers said. Read more

    Goodbye Patch Tuesday - Microsoft Autopatch is here


    Microsoft Patch Tuesday update has broken another really important
    software


    These are the firewalls right now

    The impact is roughly the same, but the vulnerabilities are different.

    While its hard to determine who might use these flaws, and to what purpose, Cybernews does stress that similar vulnerabilities were exposed in the past
    by Russian state-sponsored actors. The publication claims these flaws are not unlike the ones used by the GRU in 2020 to engage in large-scale attacks against government agencies, businesses, and organizations. Here's our list
    of the best endpoint protection services around

    Via: Cybernews



    ======================================================================
    Link to news story: https://www.techradar.com/news/thousands-of-microsoft-servers-are-at-risk-from -some-serious-security-bugs


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)