Microsoft Exchange server high-severity disclosed today security flaw
Vulnerability
Summary
Hide ▲
Show ▼
CISA flagged a high-severity vulnerability in on-premise Microsoft Exchange server that was disclosed today, creating immediate risk for organizations running Exchange on-premises. The agency said it is actively monitoring and mitigating the issue with Microsoft and partners. Organizations were urged to implement Microsoft guidance to reduce risk while scope and impact are assessed.
Related Happenings
Microsoft Teams External Domains Anomalies Report rollout for suspicious external-domain traffic
Security Tool/Service
First: 10.12.2025 21:32
Last: 10.12.2025 21:32
Sources 1
About this happening:
Microsoft Teams is introducing **External Domains Anomalies Report**, a security feature that flags **suspicious external-domain traffic** so admins can spot potential **data-shar...
Microsoft Teams External Domains Anomalies Report rollout for suspicious external-domain traffic
Security Tool/ServiceAbout this happening: Microsoft Teams is introducing **External Domains Anomalies Report**, a security feature that flags **suspicious external-domain traffic** so admins can spot potential **data-shar...
Microsoft Teams adds user reporting for false-positive threat detections
Security Tool/Service
First: 18.11.2025 19:14
Last: 18.11.2025 19:14
Sources 1
About this happening:
**Microsoft Teams** is adding user reporting for messages wrongly flagged as malicious, giving organizations a way to surface **false positives** and improve detection accuracy. T...
Microsoft Teams adds user reporting for false-positive threat detections
Security Tool/ServiceAbout this happening: **Microsoft Teams** is adding user reporting for messages wrongly flagged as malicious, giving organizations a way to surface **false positives** and improve detection accuracy. T...
CISA and NSA Microsoft Exchange hardening guidance
Advisory/Mitigation
First: 30.10.2025 18:11
Last: 30.10.2025 18:11
Sources 1
About this happening:
**CISA** and **NSA** released **Microsoft Exchange** hardening guidance that pushes administrators to reduce attack surface, strengthen authentication, and retire unsupported serv...
CISA and NSA Microsoft Exchange hardening guidance
Advisory/MitigationAbout this happening: **CISA** and **NSA** released **Microsoft Exchange** hardening guidance that pushes administrators to reduce attack surface, strengthen authentication, and retire unsupported serv...
Exchange Server 2016 and 2019 end-of-support migration guidance
Advisory/Mitigation
First: 14.10.2025 21:26
Last: 14.10.2025 21:26
Sources 1
About this happening:
**Microsoft** says **Exchange Server 2016** and **Exchange Server 2019** reached **end of support on October 14, 2025**, leaving on-premises deployments without future vendor secu...
Exchange Server 2016 and 2019 end-of-support migration guidance
Advisory/MitigationAbout this happening: **Microsoft** says **Exchange Server 2016** and **Exchange Server 2019** reached **end of support on October 14, 2025**, leaving on-premises deployments without future vendor secu...
Microsoft 365 outage blocking Teams, Exchange Online, and admin center access
Service Disruption
First: 08.10.2025 21:35
Last: 08.10.2025 21:35
Sources 1
About this happening:
Microsoft is dealing with a **Microsoft 365 outage** that is blocking access to **Teams**, **Exchange Online**, and the **admin center**, with some users also unable to complete *...
Microsoft 365 outage blocking Teams, Exchange Online, and admin center access
Service DisruptionAbout this happening: Microsoft is dealing with a **Microsoft 365 outage** that is blocking access to **Teams**, **Exchange Online**, and the **admin center**, with some users also unable to complete *...
Timeline
-
06.08.2025 15:00 1 articles · 9mo ago
CISA alerts on a high-severity Microsoft Exchange vulnerability
Initial DisclosureCISA issued an alert on a high-severity vulnerability affecting on-premise Microsoft Exchange server, said it was actively monitoring and mitigating the issue with Microsoft and government and industry partners, and urged organizations to implement Microsoft guidance to reduce risk.
Show sources
- CISA Issues Alert on Vulnerability affecting Microsoft Exchange — www.cisa.gov — 06.08.2025 15:00