At Least 17,000 Microsoft Exchange Servers Are Unpatched and Exposed to Attacks, German Authorities Say

The Federal Office for Information Security in Germany issued a warning that at least 17,000 vulnerable Microsoft Exchange servers countrywide suffer from one or more unpatched critical vulnerabilities.

Microsoft Exchange servers are always on hackers' radar because they hold a lot of valuable information and can be used to compromise organization networks further. It's a common type of server, with schools, hospitals, clinics, and universities among the organizations that deploy email servers, besides companies.

Unfortunately, not all companies or organizations are quick to patch vulnerabilities when fixes become available. Even for critical vulnerabilities, it can take months or longer before administrators patch issues. These are exactly the types of targets criminals look for.

"Around 45,000 Microsoft Exchange servers in Germany can currently be accessed from the Internet without restrictions," said the BSI in a press release. "According to current findings from the BSI, around twelve percent of them are so outdated that security updates are no longer offered for them."

"Around 25 percent of all servers are operated with current versions of Exchange 2016 and 2019, but have an outdated patch version. In both cases, the servers are vulnerable to several critical vulnerabilities. This means that at least 37 percent of all Microsoft Exchange servers openly accessible from the Internet are vulnerable," they added.

This is a very conservative value, as there are likely many more such servers in the wild. CVE-2024-21410 is just one of the vulnerabilities mentioned by the BSI, which has been recently patched and carries a 9.8 rating (out of 10), meaning that it's extremely dangerous. Moreover, authorities have already observed threat actors using this vulnerability to compromise servers all over the world