Earlier this month, Microsoft announced that on on-premises Exchange servers are under attack from a state-sponsored group named “HAFNIUM”. The group was using multiple 0-day exploits to access on-premises Exchange Server instances that ultimately gives access to the victims; email accounts. Shortly after the discovery, Microsoft released patches as a mitigation attempt. Thankfully, it seems that the situation is improving as Microsoft has announced that 92% of vulnerable Exchange IPs have now been patched or mitigated.
Our work continues, but we are seeing strong momentum for on-premises Exchange Server updates:
• 92% of worldwide Exchange IPs are now patched or mitigated.
• 43% improvement worldwide in the last week. pic.twitter.com/YhgpnMdlOX
— Security Response (@msftsecresponse) March 22, 2021
Microsoft announced the latest figure through the official Twitter account of the company. In the tweet, Microsoft’s Security Response Center noted that it has observed strong momentum regarding the rate of updates to the Exchange Server instances.
According to Microsoft, roughly 30,000 instances of the exchange servers aren’t patched yet which accounts for roughly 8 percent of the 400,000 instances that Microsoft has been observing since the start of this month.
Over last couple of weeks, Microsoft released several tools to assist consumers to mitigate security vulnerabilities. Although it’s unclear how long it’ll take for all of the server instances to be patched, it’s likely that all of the instances will be patched over next couple of weeks.