Ninety-one percent of nearly 30,000 Microsoft Exchange Server instances affected by the ProxyLogon flaw exploited by China’s Salt Typhoon threat operation remain vulnerable almost four years after the patch. In contrast, Ivanti-related issues targeted by the same group have been remediated in over 92% of affected devices, according to Tenable researchers.
The findings come amid ongoing discussions about China’s Salt Typhoon, Volt Typhoon, and Flax Typhoon threats in Congress.
Tenable staff engineer Scott Caveza noted that each typhoon focuses on unpatched vulnerabilities for initial access, targeting public-facing servers. Organizations must routinely patch such devices to mitigate these persistent threats.
Source: https://www.channele2e.com/brief/most-online-exchange-servers-vulnerable-to-proxylogon-still-not-fixed