As of Monday morning, over 29,000 Microsoft Exchange servers remain unpatched, just hours before the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) deadline. The unpatched systems leave organizations vulnerable to a critical flaw that could allow attackers to escalate privileges and compromise Microsoft 365 cloud environments.
CISA has warned that the vulnerability, tracked as CVE-2025-53786, poses a serious threat to organizations using hybrid Exchange configurations. Federal agencies were ordered to apply fixes and report compliance by 9:00 AM EDT on August 11, 2025.
Public scans from Shadowserver show that most vulnerable servers are located in the U.S., followed by Germany, Russia, France, the UK, Austria, and Canada. The number of exposed servers has remained unchanged for four days.
The flaw affects all unpatched versions of Microsoft Exchange, including 2016, 2019, and Subscription Edition. Simply applying the patch is not enough; admins must also follow the detailed mitigation steps outlined by Microsoft and CISA. Servers running end-of-life versions should be disconnected entirely.