Tag: outlook web access

2 articles

Office setting with laptop showing blurred email inbox on screen.

Microsoft Fixes Zero-Day Flaw in Exchange Server Exploited in Attacks

Microsoft has patched a high-severity flaw in Exchange Server, known as CVE-2026-42897, which allowed hackers to execute malicious JavaScript in victims' browsers simply by sending a specially crafted email. This zero-day vulnerability was actively exploited in attacks, putting Outlook Web Access users at risk.

Analyst 207Jun 10, 2026

Rack of servers with a prominent Exchange Server device and nearby laptop in a brightly-lit data center.

Microsoft Exchange Servers Targeted by Active CVE-2026-42897 Exploit

Microsoft warns of a high-severity vulnerability, CVE-2026-42897, in its Exchange Servers, allowing attackers to spoof network communications via a cleverly crafted email. This cross-site scripting flaw has been actively exploited, earning a concerning CVSS score of 8.1.

Analyst 207May 15, 2026