On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow ...

Microsoft warns of a new zero-day vulnerability that leaves Exchange open to hackers.

Microsoft warned Exchange Server customers about critical OWA vulnerability CVE-2026-42897 affecting on-premises deployments.

Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Outlook Web Access component of Exchange Server 2016, 2019, and Subscription Edition — is under active ...

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come ...

Microsoft is working to patch CVE-2026-42897, an Exchange Server zero-day vulnerability that has been exploited in attacks.

Microsoft this week announced it will be bringing its Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering organizations critical protection as they approach ...

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...

The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription ...

Microsoft has announced upcoming end of life for two of its key products, Exchange Server 2016 and Dynamics 365 Project Service Automation (PSA), in 2025. First up, Exchange Server 2016 will reach the ...