Home/Tag/Microsoft Exchange

Microsoft Exchange

3 articles tagged with "Microsoft Exchange"

Vulnerabilities4 min read

Microsoft Finally Patches Exchange OWA Zero-Day After 26-Day Wait

Microsoft releases CVE-2026-42897 fix for Exchange Server OWA XSS vulnerability exploited since May. ESU-only updates for 2016/2019 leave many systems exposed.

Marcus ChenJun 12, 2026

Vulnerabilities4 min read

Pwn2Own Berlin Day 2: Exchange RCE Chain Earns $200K, 15 Zero-Days Fall

Day two of Pwn2Own Berlin 2026 yields 15 new zero-days worth $385,750. Orange Tsai chains three bugs for SYSTEM-level Exchange RCE, earning the event's largest payout.

Marcus ChenMay 16, 2026

Vulnerabilities3 min read

Exchange Server Zero-Day CVE-2026-42897 Exploited via Crafted Emails

Microsoft confirms active exploitation of CVE-2026-42897, an XSS flaw in Exchange OWA that executes JavaScript via malicious emails. No patch available yet.

Marcus ChenMay 16, 2026