Skip to main content

Microsoft says 92% of Exchange servers have been patched or mitigated

Microsoft logo
Microsoft logo (Image credit: Daniel Rubino / Windows Central)

What you need to know

  • 92% of vulnerable Exchange servers have been patched or mitigated.
  • That marks a 43% improvement over last week.
  • Patching a server does not protect them if they have already been compromised.

Microsoft states that 92% of vulnerable Exchange servers have been patched or mitigated. That figure shows an improvement of 43% over last week, according to Microsoft. The company states that there is strong momentum for on-premises Exchange server updates.

It's important to note that patching or mitigating a vulnerability does not protect servers that have already been compromised. IT admins need to check to see if their systems have been exploited.

Microsoft has taken several steps to address the widespread attack on its Exchange server software. The company released an emergency fix for the vulnerability and released a one-click mitigation tool. Microsoft also updated Microsoft Defender to address one vulnerability.

See more

Threat actors jumped on the opportunity to go after unpatched Microsoft Exchange servers. Check Point Research saw exploitation attempts on organizations double every 2-3 hours over a 24-hour period earlier this month.

Researchers at F-Secure said that servers are being hacked faster than they can count. In a report from March 19, Antii Laaktikainen, senior security consultant at F-Secure (opens in new tab) said, "Tens of thousands of servers have been hacked around the world. They're being hacked faster than we can count. Globally, this is a disaster in the making" (via ZDNet.

Sean Endicott
News Writer and apps editor

Sean Endicott brings nearly a decade of experience covering Microsoft and Windows news to Windows Central. He joined our team in 2017 as an app reviewer and now heads up our day-to-day news coverage. If you have a news tip or an app to review, hit him up at sean.endicott@futurenet.com (opens in new tab).

1 Comment
  • It’s Antti Laatikainen, not Antii Laaktikainen.