While there weren’t any genuine zero-day vulnerabilities to patch in May’s Patch Tuesday update, the fallout since then has ...

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow ...

Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Outlook Web Access component of Exchange Server 2016, 2019, and Subscription Edition — is under active ...

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come ...

Microsoft warns of a new zero-day vulnerability that leaves Exchange open to hackers.

Microsoft warned Exchange Server customers about critical OWA vulnerability CVE-2026-42897 affecting on-premises deployments.

The emergency patches for the recently disclosed critical vulnerabilities in Microsoft Exchange email server did not come soon enough and organizations had little time to prepare before en masse ...

According to Check Point Research (CPR), threat actors are actively exploiting four zero-day vulnerabilities tackled with emergency fixes issued by Microsoft on March 2-- and attack attempts continue ...

Microsoft has released its final cumulative update (CU) for Exchange Server 2019, which means customers need to get ready to upgrade or move to hosted Exchange. Enterprises still hosting on-premises ...