\u767c\u5e03\u55ae\u4f4d:TWCERT\/CC \u66f4\u65b0\u65e5\u671f:2023-12-14<\/p>\n\n\n\n
\u8cc7\u5b89\u5ee0\u5546 The ShadowServer Foundation \u65e5\u524d\u767c\u8868\u7814\u7a76\u5831\u544a\u6307\u51fa\uff0c\u6709\u6578\u842c\u53f0\u8ca0\u8cac Email \u6536\u767c\u7684 Microsoft Exchange Server \u88ab\u767c\u73fe\u66dd\u9732\u65bc\u5916\u7db2\u4e0a\uff0c\u53ef\u80fd\u56e0\u672a\u4fee\u88dc\u7684\u8cc7\u5b89\u6f0f\u6d1e\u800c\u8f15\u6613\u906d\u5230\u653b\u64ca\u3002<\/p>\n\n\n\n
The ShadowServer Foundation \u5728\u5831\u544a\u4e2d\u6307\u51fa\uff0c\u8a72\u55ae\u4f4d\u6383\u7784\u7db2\u969b\u7db2\u8def\uff0c\u767c\u73fe\u8fd1 20,000 \u53f0\u4ecd\u5728\u57f7\u884c\u820a\u7248 Microsoft Exchange Server \u66dd\u9732\u5728\u516c\u958b\u7db2\u8def\u4e4b\u4e0b\uff1b\u9019\u4e9b\u7248\u672c\u7684 Exchange Server \u90fd\u5df2\u4f86\u5230\u5176\u751f\u547d\u5468\u671f\uff08end-of-life, EOL)\uff0c\u4e0d\u53d7\u8cc7\u5b89\u66f4\u65b0\u652f\u63f4\uff0c\u5167\u542b\u591a\u7a2e\u7121\u6cd5\u4fee\u88dc\u7684\u8cc7\u5b89\u6f0f\u6d1e\u3002<\/p>\n\n\n\n
\u5831\u544a\u6307\u51fa\uff0c\u6383\u7784\u7d50\u679c\u986f\u793a\u6709\u4e00\u534a\u4ee5\u4e0a\u7684\u9019\u985e\u820a\u7248\u4e3b\u6a5f\u4f4d\u65bc\u6b50\u6d32\uff0c\u6578\u91cf\u9ad8\u9054 10,000 \u53f0\u4ee5\u4e0a\uff0c\u5728\u5317\u7f8e\u6709 6,038 \u53f0\uff0c\u4e9e\u6d32\u5247\u6709 2,241 \u53f0\u3002<\/p>\n\n\n\n
\u53e6\u4e00\u5bb6\u8cc7\u5b89\u5ee0\u5546 Macnica \u63d0\u51fa\u7684\u6578\u5b57\u66f4\u70ba\u9a5a\u4eba\uff1b\u8a72\u516c\u53f8\u4f7f\u7528 Shodan \u670d\u52d9\u6383\u7784\u7684\u7d50\u679c\u986f\u793a\uff0c\u66dd\u9732\u65bc\u5916\u90e8\u7db2\u8def\u4e0a\u7684\u820a\u7248 MS Exchange Server \u6578\u91cf\u9ad8\u9054 30,635 \u53f0\uff1b\u5176\u4e2d\u6709 275 \u53f0\u57f7\u884c\u7684\u662f Exchange Server 2007\uff0c4,062 \u53f0\u57f7\u884c Exchanger Server 2010\uff0c26,298 \u53f0\u57f7\u884c Exchanger Server 2013\u3002<\/p>\n\n\n\n
Macnica \u7684\u5831\u544a\u4e5f\u6307\u51fa\uff0c\u4f7f\u7528\u8005\u5c07\u820a\u7248 Exchange Server \u6c70\u820a\u63db\u65b0\u7684\u901f\u5ea6\u548c\u6578\u91cf\u90fd\u660e\u986f\u4e0d\u8db3\uff1b\u6578\u64da\u986f\u793a\u81ea\u4eca\u5e74 4 \u6708\u4ee5\u4f86\uff0c\u5168\u7403\u820a\u7248 Exchange Server \u906d\u5230\u6dd8\u6c70\u4e0b\u7dda\u7684\u6bd4\u4f8b\u50c5\u6709 18%\u3002<\/p>\n\n\n\n
The ShadowServer Foundation \u7684\u5831\u544a\u4e5f\u6307\u51fa\uff0c\u9019\u4e9b\u820a\u7248 Exchange Server \u5167\u542b\u591a\u500b\u56b4\u91cd\u8cc7\u5b89\u6f0f\u6d1e\u5982 CVE-2021-26855\uff08ProxyLogon\uff09\u3001CVE-2021-27065 \u7b49\uff0c\u99ed\u4fb5\u8005\u53ef\u85c9\u4ee5\u9060\u7aef\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\u3002<\/p>\n\n\n\n
\u5efa\u8b70\u7cfb\u7d71\u7ba1\u7406\u8005\u61c9\u5373\u6aa2\u67e5\u7cfb\u7d71\u5167\u6240\u6709\u5df2\u7121\u6cd5\u7372\u53d6\u8cc7\u5b89\u66f4\u65b0\u7684\u8001\u820a\u7cfb\u7d71\uff0c\u4e26\u4e88\u4ee5\u6c70\u63db\u70ba\u8f03\u65b0\u7248\u672c\uff0c\u4ee5\u907f\u514d\u906d\u99ed\u4fb5\u8005\u4ee5\u5df2\u77e5\u6f0f\u6d1e\u767c\u52d5\u653b\u64ca\u5f97\u901e\u3002<\/p>\n\n\n\n