CVE-2026-42897 Exploited in On‑Prem Exchange via Crafted Email

Colleagues, please note: Microsoft confirms active exploitation of CVE-2026-42897 in on‑prem Exchange.
Microsoft describes the flaw as XSS/spoofing: a crafted email that executes arbitrary JavaScript when opened in OWA under specific interaction conditions. It was reported by an anonymous researcher.
Affected: Exchange 2016, 2019 and Subscription Edition (on‑prem). Exchange Online is not affected.
Mitigation: the Exchange Emergency Mitigation Service (EEMS, enabled by default) or the Exchange On-premises Mitigation Tool (EOMT); for on‑prem systems, run the provided script via Exchange Management Shell.
Why this matters: on‑prem deployments are at risk — apply the recommended measures urgently.
What are your plans to verify and remediate?
#cybersecurity #MicrosoftExchange #CVE-2026-42897

