A critical security vulnerability affecting tens of thousands of Microsoft Exchange email servers across Europe, the United States, and Asia has left these systems exposed to remote code execution (RCE) attacks.
According to recent scans conducted by The ShadowServer Foundation, close to 20,000 Microsoft Exchange servers are currently accessible over the public internet and have reached the end-of-life (EoL) stage. These outdated servers are no longer supported by Microsoft and are therefore susceptible to a range of known security vulnerabilities.
On Friday, more than half of the systems were located in Europe. In North America, there were 6,038 Exchange servers, and in Asia 2,241 instances.
The affected Exchange servers are running unsupported versions of the software, which no longer receive security updates from Microsoft. This lack of updates leaves these servers vulnerable to known security flaws, including CVE-2021-26855.
