If your org uses Microsoft Exchange I *strongly* recommend you make sure the patch for CVE-2020-0688 (Feb 11) is installed.
Unpatched means phished user = SYSTEM on OWA servers.
@Rapid7 Project Sonar found at least 357,629 unpatched hosts.
Blog post: https://blog.rapid7.com/2020/04/06/phishing-for-system-on-microsoft-exchange-cve-2020-0688/
The count of hosts vulnerable to CVE-2020-0688 is likely higher. Imprecision of the exposed version numbers combined with MS patches not updating build numbers in some cases makes it hard to tell for those hosts running the last revision.
Our survey ran on March 24th. Thanks to @hrbrmstr you can see the version distribution in this image:
Are you running Exchange 2010? That goes end of support in October 2020. After that there will be no security or bug fixes. It was originally scheduled to go EoS Jan of this year.
There are over 800 publicly facing 2010 *RTM* servers. They've never been patched.
Adding to this thread: https://twitter.com/TomSellers/status/1247530302974488576