Worldwide, tens of thousands of Exchange environments are missing a crucial patch against a recently discovered vulnerability. The situation in Europe is also not promising.
Tens of thousands of Exchange environments worldwide are still vulnerable to CVE-2025-53786. This bug was revealed last week and has a CVSS score of 8.8. The vulnerability specifically affects hybrid Exchange configurations with components both on-premises and in the cloud. Attackers exploiting the bug can redirect mail traffic from cloud servers. Microsoft expects exploitation to occur soon.
Patch available
Although a patch is available, many administrators have not yet installed it. Nearly 30,000 vulnerable environments are currently visible on the internet worldwide. Belgium has 195 such installations, the Netherlands 562, and France 1,607. Germany is the most severely affected of all European countries, with 6,475 Exchange environments where the new patch has not been installed.
The reality is slightly less severe than these figures suggest. They show Exchange environments without the latest patch but do not reveal whether those environments are also used in the vulnerable hybrid configuration. Moreover, hackers need access to the local environment to exploit the bug.
The figures do indicate that Exchange administrators worldwide have not learned their lesson after previous hacks. Despite the dangers of an insufficiently patched on-premises Exchange environment, many organizations are again taking their time to install an important update.