Tag: spoofing vulnerability
4 articles

Microsoft Fixes Zero-Day Flaw in Exchange Server Exploited in Attacks
Microsoft has patched a high-severity flaw in Exchange Server, known as CVE-2026-42897, which allowed hackers to execute malicious JavaScript in victims' browsers simply by sending a specially crafted email. This zero-day vulnerability was actively exploited in attacks, putting Outlook Web Access users at risk.

Microsoft Exchange Servers Targeted in Active Exploitation
Microsoft has sounded the alarm on a critical vulnerability in on-premise Exchange Servers, known as CVE-2026-42897, that's currently being exploited by hackers - and the company is urging affected users to act fast. A temporary fix is in place, with a permanent patch on the way.

Microsoft Exchange Servers Targeted by Active CVE-2026-42897 Exploit
Microsoft warns of a high-severity vulnerability, CVE-2026-42897, in its Exchange Servers, allowing attackers to spoof network communications via a cleverly crafted email. This cross-site scripting flaw has been actively exploited, earning a concerning CVSS score of 8.1.

Microsoft Patch Tuesday Addresses 165 Vulnerabilities, Including Exploited SharePoint Flaw
Microsoft's April Patch Tuesday update is a doozy, addressing a whopping 165 vulnerabilities, including a SharePoint Server spoofing flaw that's already been exploited in the wild. This mega update also fixes a bug that was publicly disclosed by a frustrated researcher.