Over 370,000 Exchange Server instances have now been patched or mitigated

Microsoft Exchange logo monochrome with red outer glow on dark background

This month has been particularly problematic for IT admins who have been rushed into applying patches to on-premises Exchange Server instances following attacks from state-sponsored and other criminal groups. However, it now appears that the situation is improving, as Microsoft has announced that 92% of vulnerable Exchange IPs have now been patched or mitigated.

This piece of news comes from the official Microsoft Security Response Center (MSRC) Twitter account, which noted that it has observed "strong momentum" with respect to how quickly Exchange Server instances are being patched:

As can be seen in the graphic above, almost 30,000 instances have not been patched yet, which translates to roughly 8% among the universe of 400,000 instances that Microsoft has been observing since March 1, based on telemetry data from RiskIQ.

Apart from effort from IT admins, the significant decrease can be attributed to the multiple advisories that Microsoft has published in the past couple of weeks, as well as one-click tools and automatic mitigation capabilities it introduced to Microsoft Defender. The firm also released out-of-band updates to on-premises Exchange Server instances that are not supported anymore. It remains to be seen how long it will take for the remaining instances to be patched, but Microsoft will likely be banking on the ongoing momentum to continue for the next few weeks in order for that to happen.

Report a problem with article
Screenshot of File Explorer with new icons
Next Article

Windows 10 is getting all-new icons in the File Explorer

1540194677_product_24096_product_shot_wide_image
Previous Article

Pay What You Want for this Complete White Hat Hacker Certification Bundle

6 Comments - Add comment

Advertisement