Remote code execution vulnerabilities exist on hundreds of Microsoft Exchange email servers located in Europe, the United States, and Asia that are accessible over the public internet.
The mail systems are using software that is out of support and isn’t getting any upgrades, leaving them open to a number of security flaws, some of which have a critical severity rating.
Nearly 20,000 Microsoft Exchange servers that have reached the end-of-life (EoL) stage are still accessible over the public internet, according to internet scans conducted by The ShadowServer Foundation.Additionally, the researcher looked at the update rate and found that, since April of this year, there have only been 18,5% less EoL Exchange servers globally than there were in 43,656, a decline that Sejiyama believes is inadequate.