Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft Exchange Online email quarantine disruption

Service Disruption
First reported
Last updated
Happening score
H score 21
1 unique sources, 3 articles

Summary

Hide ▲

Microsoft's Exchange Online is facing an ongoing email delivery disruption that is quarantining legitimate messages and blocking some customers from sending or receiving mail. The issue began on February 5 and still matters because it interrupts everyday email flow for affected tenants. Microsoft says a new URL rule is misclassifying some messages and is working to release quarantined emails and unblock legitimate URLs.

Related Happenings

Microsoft Exchange Online mail flow disruption

Service Disruption
H score25 First: 02.06.2026 20:02 Last: 02.06.2026 20:02 Sources 1

About this happening: Microsoft is addressing a **widespread Exchange Online service disruption** that is delaying and failing email delivery for customers across **North America** and **Germany**. The...

Microsoft Exchange CVE-2026-42897 mitigation advisory

Advisory/Mitigation
H score44 First: 15.05.2026 12:40 Last: 15.05.2026 12:40 Sources 1

About this happening: **Microsoft** issued immediate mitigation guidance for **CVE-2026-42897**, reducing risk for **Exchange Server 2016, 2019, and Subscription Edition (SE)** on-premises servers that...

Latest development: 15.05.2026 15:35

Microsoft issued temporary mitigation guidance for CVE-2026-42897 while a patch is still in development, recommending the Exchange Emergency Mitigation (EM) Service, which is enabled by default and can be checked with the Exchange Health Checker script, or the Exchange On-premises Mitigation Tool (EOMT) for disconnected or air-gapped environments. Microsoft noted that the mitigations can disrupt features such as OWA Print Calendar and Inline images, and that servers older than March 2023 cannot receive new mitigations through EM Service.

Microsoft Exchange Server spoofing/XSS flaw under active exploitation (CVE-2026-42897)

Vulnerability
H score37 First: 15.05.2026 09:19 Last: 15.05.2026 09:19 Sources 1

About this happening: **CVE-2026-42897** is an **actively exploited** **spoofing** vulnerability in **on-premises Microsoft Exchange Server** that can lead to **arbitrary JavaScript execution** in a br...

Latest development: 09.06.2026 20:57

Microsoft identifies CVE-2026-42897 in Microsoft Exchange Server as an actively exploited spoofing vulnerability that can lead to JavaScript execution in a target’s browser when a specially crafted email is opened in Outlook Web Access under certain interaction conditions. Microsoft says mitigations are being pushed through the Exchange Emergency Mitigation Service while it continues work on the full update.

Microsoft Exchange Online blocks legacy TLS for POP3 and IMAP4 starting July 2026

Security Tool/Service
H score11 First: 28.04.2026 16:18 Last: 28.04.2026 16:18 Sources 1

About this happening: **Microsoft** will block **TLS 1.0** and **TLS 1.1** for **POP3/IMAP4** access to **Exchange Online** in **July 2026**, which could break legacy mail clients and embedded devices...

Microsoft Outlook.com outage causing sign-in failures

Service Disruption
H score20 First: 27.04.2026 15:03 Last: 27.04.2026 15:03 Sources 1

About this happening: Microsoft's **Outlook.com** is experiencing an **ongoing outage** that is blocking sign-ins and mailbox access, leaving some customers unable to use email normally. The disruption...

Timeline

  1. 18.02.2026 18:26 1 articles · 4mo ago

    Microsoft publishes Exchange Online root-cause analysis

    Technical Analysis Update

    Microsoft’s preliminary post-incident report for Exchange Online says a logic error in heuristic detection aimed at novel credential phishing campaigns misclassified thousands of legitimate URLs as phishing links, quarantined legitimate emails, blocked links in Microsoft Teams messages, and generated false-positive XDR alerts during the February 5-12 incident window.

    Show sources
  2. 09.02.2026 12:47 1 articles · 5mo ago

    Exchange Online mail filtering disruption begins

    Untyped Phase

    Microsoft Exchange Online customers begin experiencing an email delivery disruption in which legitimate messages are incorrectly marked as phish and quarantined, preventing some users from sending or receiving email.

    Show sources
  3. 09.02.2026 12:47 2 articles · 5mo ago

    Microsoft acknowledges Exchange Online quarantine bug

    Initial Disclosure

    Microsoft says legitimate email messages are being marked as phish and quarantined in Exchange Online, explains that an updated URL rule is incorrectly flagging legitimate URLs as malicious, and says it is working to release quarantined messages and unblock legitimate URLs for affected customers.

    Show sources