More than 80% of Internet-connected Microsoft Exchange servers remain vulnerable to privilege escalation flaw. Microsoft patched the issue (CVE-2020-0688) in February, but only 7,000 systems have been patched in four weeks. Attackers need to find or phish only a single valid credential to completely compromise a company’s email system, Rapid7 says. The vulnerability should be considered critical, the firm says, adding that it “terrifies us” The vulnerability is caused because the software does not generate unique encryption keys at the time of installation.”]