Heimdal™ Releases Vulnerability Data on the Microsoft Exchange Patch
Over 85%* of organizations have already patched their systems
Copenhagen, March 11, 2021 – According to Heimdal™ ‘s internal data, 85% of organizations have already applied the readily available patches that address the Microsoft Exchange vulnerabilities, through the use of automated vulnerability management and deployment.
13% of organizations still have the update in their manual update queues, with deployment expected in a matter of 24-48 hours.
We estimate that 97% of customers would have already updated their vulnerable systems by the end of this week, with the remainder of 3% expected to patch the vulnerability in the following days. Hence, Heimdal™ telemetry suggests that most companies would be protected from further exploitation by the end of next week.
At least 30,000 U.S. organizations already hacked due to the security holes in Microsoft Exchange
As reported by Brian Krebs, “at least 30,000 organizations across the United States – including a significant number of small businesses, towns, cities and local governments” have been hit. The vulnerabilities are actively exploited by the state-sponsored threat group Hafnium, and also appear to have been adopted by other malicious groups in extensive attacks.
We urge Exchange users who have not done so already to apply the patches immediately, as the vulnerabilities could allow various malicious actors to exploit any system that has remained unpatched.
As a general tip
In today’s threat landscape, an automated patch management process is crucial when it comes to accelerating the response to vulnerabilities. Oftentimes, security flaws are exploited before an organization has the time to react.
Heimdal™ is willing to assist any company coping with the consequences of a bad Microsoft Exchange Server incident in setting up an automatic patching process to avoid a similar scenario in the future.
Yesterday we announced an emergency intervention to fix flaws associated with the Microsoft Exchange Server Exploit following the news that tens of thousands of institutions and organizations have been affected by the four Microsoft Exchange Server vulnerabilities revealed last week.
About Heimdal™ Security
Heimdal™ Security is a strongly emerging cybersecurity provider established in 2014 in Copenhagen, currently spanning offices across the world. With a spectacular year-over-year growth and an impressive ahead-of-the-curve approach to threatscape trends, Heimdal™ Security is the go-to solution for unified, intelligent cybersecurity made easy. In March 2020, Heimdal™ Security was acquired by Marlin Equity Partners, fueling its networks of growth and distribution even further.
Head of Communications and PR
*Based on Heimdal™ internal data