Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA and NSA release Exchange Server security best practices guidance

Public Sector Action
First reported
Last updated
Happening score
H score 28
1 unique sources, 1 articles

Summary

Hide ▲

CISA, NSA, and international partners released Microsoft Exchange Server Security Best Practices guidance to reduce exposure and harden hybrid and on-premises deployments against cyber-attacks. The blueprint builds on Emergency Directive 25-02 and recommends restricted administrator access, MFA, TLS hardening, and zero-trust controls. It also urges organizations to migrate away from or disconnect unsupported and EOL Exchange versions because the threat to Exchange servers remains persistent.

Related Happenings

Microsoft security patch release for CVE-2026-42897

Security Patch Release
H score44 First: 10.06.2026 16:44 Last: 10.06.2026 16:44 Sources 1

About this happening: **Microsoft** released **June 2026 Security Updates** for **Exchange Server 2016**, **Exchange Server 2019**, and **Exchange Server Subscription Edition (SE)** to fix **CVE-2026-4...

Microsoft Exchange Online mail flow disruption

Service Disruption
H score25 First: 02.06.2026 20:02 Last: 02.06.2026 20:02 Sources 1

About this happening: Microsoft is addressing a **widespread Exchange Online service disruption** that is delaying and failing email delivery for customers across **North America** and **Germany**. The...

Microsoft Exchange CVE-2026-42897 mitigation advisory

Advisory/Mitigation
H score44 First: 15.05.2026 12:40 Last: 15.05.2026 12:40 Sources 1

About this happening: **Microsoft** issued immediate mitigation guidance for **CVE-2026-42897**, reducing risk for **Exchange Server 2016, 2019, and Subscription Edition (SE)** on-premises servers that...

Latest development: 15.05.2026 15:35

Microsoft issued temporary mitigation guidance for CVE-2026-42897 while a patch is still in development, recommending the Exchange Emergency Mitigation (EM) Service, which is enabled by default and can be checked with the Exchange Health Checker script, or the Exchange On-premises Mitigation Tool (EOMT) for disconnected or air-gapped environments. Microsoft noted that the mitigations can disrupt features such as OWA Print Calendar and Inline images, and that servers older than March 2023 cannot receive new mitigations through EM Service.

Microsoft Exchange Server spoofing/XSS flaw under active exploitation (CVE-2026-42897)

Vulnerability
H score37 First: 15.05.2026 09:19 Last: 15.05.2026 09:19 Sources 1

About this happening: **CVE-2026-42897** is an **actively exploited** **spoofing** vulnerability in **on-premises Microsoft Exchange Server** that can lead to **arbitrary JavaScript execution** in a br...

Latest development: 09.06.2026 20:57

Microsoft identifies CVE-2026-42897 in Microsoft Exchange Server as an actively exploited spoofing vulnerability that can lead to JavaScript execution in a target’s browser when a specially crafted email is opened in Outlook Web Access under certain interaction conditions. Microsoft says mitigations are being pushed through the Exchange Emergency Mitigation Service while it continues work on the full update.

ICO releases five-step AI cyber guidance

Public Sector Action
H score18 First: 14.05.2026 12:00 Last: 14.05.2026 12:00 Sources 1

About this happening: The **UK Information Commissioner’s Office (ICO)** released a **five-step guide** urging organizations to prepare for **AI-powered cyber threats**, making it clear that stronger r...

Timeline

  1. 03.11.2025 18:45 2 articles · 8mo ago

    CISA, NSA and partners release Microsoft Exchange Server security best practices

    Industry Or Public Sector Update

    US Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and international partners released Microsoft Exchange Server Security Best Practices guidance to reduce exposure in hybrid and on-premises deployments. The blueprint builds on CISA’s Emergency Directive 25-02 and recommends restricting administrative access, enabling MFA and modern authentication, tightening transport security and TLS settings, applying Microsoft’s Exchange Emergency Mitigation service, adopting zero-trust principles, and migrating away from unsupported or end-of-life Exchange versions.

    Show sources