Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft Exchange Online IMAP4 outage

Service Disruption
First reported
Last updated
Happening score
H score 0
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft Exchange Online is facing an IMAP4 outage that intermittently blocks mailbox access for some users, disrupting email availability. The incident is tracked as EX1215307 and was first acknowledged at 23:35 UTC on Wednesday. Microsoft says the outage was triggered by a code conflict in a recent IMAP deployment that introduced an authentication misconfiguration. Other connection methods are unaffected, and Microsoft says a fix is being deployed.

Related Happenings

Microsoft Exchange Online mail flow disruption

Service Disruption
H score25 First: 02.06.2026 20:02 Last: 02.06.2026 20:02 Sources 1

About this happening: Microsoft is addressing a **widespread Exchange Online service disruption** that is delaying and failing email delivery for customers across **North America** and **Germany**. The...

Microsoft Teams and Office for the web file-opening outage

Service Disruption
H score25 First: 01.06.2026 17:36 Last: 01.06.2026 17:36 Sources 1

About this happening: Microsoft is investigating an ongoing **service disruption** that is blocking **Teams** and **Office for the web** users from opening files, disrupting access to shared documents...

Microsoft My Sign-Ins MFA outage

Service Disruption
H score25 First: 01.06.2026 14:40 Last: 01.06.2026 14:40 Sources 1

About this happening: **Microsoft** is dealing with an **ongoing outage** that is blocking some users from setting up **multi-factor authentication (MFA)** and accessing **My Sign-Ins**. Affected users...

Microsoft Exchange Server spoofing/XSS flaw under active exploitation (CVE-2026-42897)

Vulnerability
H score37 First: 15.05.2026 09:19 Last: 15.05.2026 09:19 Sources 1

About this happening: **CVE-2026-42897** is an **actively exploited** **spoofing** vulnerability in **on-premises Microsoft Exchange Server** that can lead to **arbitrary JavaScript execution** in a br...

Latest development: 09.06.2026 20:57

Microsoft identifies CVE-2026-42897 in Microsoft Exchange Server as an actively exploited spoofing vulnerability that can lead to JavaScript execution in a target’s browser when a specially crafted email is opened in Outlook Web Access under certain interaction conditions. Microsoft says mitigations are being pushed through the Exchange Emergency Mitigation Service while it continues work on the full update.

Microsoft Windows Autopatch fix for EU restricted driver update deployment bug

Security Tool/Service
H score11 First: 13.05.2026 17:36 Last: 13.05.2026 17:36 Sources 1

About this happening: **Microsoft** fixed a **Windows Autopatch** service bug that let **restricted driver updates** reach some managed devices in the **EU**, bypassing admin approval controls and crea...

Timeline

  1. 08.01.2026 14:45 1 articles · 6mo ago

    Exchange Online IMAP4 outage acknowledged

    Initial Disclosure

    Microsoft acknowledged EX1215307 after an Exchange Online service issue began intermittently blocking mailbox access through IMAP4. Microsoft said other connection methods were unaffected, advised affected users to retry access, and classified the problem as an incident in the Microsoft 365 admin center.

    Show sources
  2. 08.01.2026 14:45 2 articles · 6mo ago

    Microsoft deploys Exchange Online IMAP4 fix

    Mitigation Patch Update

    Microsoft said it already deployed a fix for the Exchange Online IMAP4 mailbox access issue and was continuing to roll out the configuration change. The disruption was attributed to a code conflict in a recent IMAP deployment that introduced an authentication misconfiguration, with completion expected by the next scheduled update.

    Show sources