20,000 Microsoft Exchange servers have reached end-of-life and are vulnerable to attack

BleepingComputer reports that nearly 20,000 Microsoft Exchange servers that have reached end-of-life continue to be exposed to the internet and are at risk of remote code execution attacks. While most of the servers that reached end of support were in Europe, more than 6,000 of the vulnerable servers were in North America, according to The ShadowServer Foundation, which noted that some of the internet-exposed servers could be compromised with the critical ProxyLogon vulnerability. However, such figures could still be underrated as Shodan scans conducted by Macnica security researcher Yutaka Sejiyama revealed 30,635 internet-exposed systems running on unsupported Microsoft Exchange software around the world, most of which were on Exchange Server 2013. Such figures represent an 18% decline in the number of EoL Exchange servers from April. "Even recently, I still see news of these vulnerabilities being exploited, and now I understand why. Many servers are still in a vulnerable state," Sejiyama said.