Particle.news

Thousands of Hybrid Exchange Servers Still Exposed After Patch Tuesday

Security teams must rotate trust tokens by deploying dedicated hybrid apps to guard against undetectable cloud pivots.

Over 29,000 Microsoft Exchange Servers Unpatched Leaving Networks at Risk
Patch Tuesday: Microsoft Fixes 107 Vulnerabilities, Including 13 RCE Flaws

Overview

  • Microsoft’s August Patch Tuesday delivered updates for CVE-2025-53786 alongside fixes for more than 100 other vulnerabilities, but the vendor warns that installing patches without configuration changes may not eliminate covert cloud pivots.
  • Security scans by the Shadowserver Foundation show that about 29,000 hybrid Exchange servers remain accessible and unpatched worldwide, with the largest numbers in the United States and Germany.
  • CISA’s Emergency Directive 25-02 set a 9 a.m. EDT, August 11 deadline for federal civilian agencies to apply the April hotfix and disconnect unsupported Exchange servers, a mandate that industry observers say may not be fully met.
  • While Microsoft reports no confirmed exploitation to date, researchers caution that reliable attack code is likely to appear soon, heightening the risk of stealthy privilege escalations into Microsoft 365 tenants.
  • Cybersecurity teams are advised to rotate existing trust tokens, deploy Microsoft’s dedicated hybrid application in Entra ID and perform environment inventories with health checks to detect and contain potential compromises.