Microsoft Exchange CVE-2026-42897 mitigation advisory
Advisory/Mitigation
Summary
Hide ▲
Show ▼
Microsoft issued immediate mitigation guidance for CVE-2026-42897, reducing risk for Exchange Server 2016, 2019, and Subscription Edition (SE) on-premises servers that are being targeted in attacks. EEMS can automatically apply interim protections, and administrators in air-gapped environments can use EOMT instead. The advisory matters because permanent patches are not yet available, so defenders need a stopgap now while waiting for updates. Microsoft also warned that servers older than March 2023 may not receive new mitigations through EM Service.
Related Happenings
Microsoft security patch release for CVE-2026-42897
Security Patch Release
H score44
First: 10.06.2026 16:44
Last: 10.06.2026 16:44
Sources 1
How related:
Yesterday, Microsoft released security updates to address the security flaw in affected Exchange Server installations, advising admins to deploy them "as soon as possible" and leave the mitigations in place for additional protection.
About this happening:
**Microsoft** released **June 2026 Security Updates** for **Exchange Server 2016**, **Exchange Server 2019**, and **Exchange Server Subscription Edition (SE)** to fix **CVE-2026-4...
Microsoft security patch release for CVE-2026-42897
Security Patch ReleaseHow related: Yesterday, Microsoft released security updates to address the security flaw in affected Exchange Server installations, advising admins to deploy them "as soon as possible" and leave the mitigations in place for additional protection.
About this happening: **Microsoft** released **June 2026 Security Updates** for **Exchange Server 2016**, **Exchange Server 2019**, and **Exchange Server Subscription Edition (SE)** to fix **CVE-2026-4...
Microsoft Exchange Online mail flow disruption
Service Disruption
H score25
First: 02.06.2026 20:02
Last: 02.06.2026 20:02
Sources 1
About this happening:
Microsoft is addressing a **widespread Exchange Online service disruption** that is delaying and failing email delivery for customers across **North America** and **Germany**. The...
Microsoft Exchange Online mail flow disruption
Service DisruptionAbout this happening: Microsoft is addressing a **widespread Exchange Online service disruption** that is delaying and failing email delivery for customers across **North America** and **Germany**. The...
CCB urgent patch warning for CVE-2026-41089 on Windows servers
Public Sector Action
H score48
First: 01.06.2026 15:30
Last: 01.06.2026 15:30
Sources 1
About this happening:
Belgium's **CCB** warned that **CVE-2026-41089** is being **actively exploited in the wild**, urging admins to **immediately patch** vulnerable **Windows servers** because the fla...
CCB urgent patch warning for CVE-2026-41089 on Windows servers
Public Sector ActionAbout this happening: Belgium's **CCB** warned that **CVE-2026-41089** is being **actively exploited in the wild**, urging admins to **immediately patch** vulnerable **Windows servers** because the fla...
CERT-In issues 12-hour patch guidance for Indian organizations
Public Sector Action
H score38
First: 26.05.2026 13:30
Last: 26.05.2026 13:30
Sources 1
About this happening:
**CERT-In** published new guidance on **May 25** urging Indian organizations to patch **actively exploited internet-facing vulnerabilities** within **12 hours**, tightening respon...
CERT-In issues 12-hour patch guidance for Indian organizations
Public Sector ActionAbout this happening: **CERT-In** published new guidance on **May 25** urging Indian organizations to patch **actively exploited internet-facing vulnerabilities** within **12 hours**, tightening respon...
CERT-In 12-hour KEV remediation guidance
Advisory/Mitigation
H score39
First: 26.05.2026 13:30
Last: 26.05.2026 13:30
Sources 1
About this happening:
CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...
CERT-In 12-hour KEV remediation guidance
Advisory/MitigationAbout this happening: CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...
Timeline
-
15.05.2026 15:35 3 articles · 1mo ago
Microsoft issues temporary mitigations for CVE-2026-42897
Mitigation Patch UpdateMicrosoft issued temporary mitigation guidance for CVE-2026-42897 while a patch is still in development, recommending the Exchange Emergency Mitigation (EM) Service, which is enabled by default and can be checked with the Exchange Health Checker script, or the Exchange On-premises Mitigation Tool (EOMT) for disconnected or air-gapped environments. Microsoft noted that the mitigations can disrupt features such as OWA Print Calendar and Inline images, and that servers older than March 2023 cannot receive new mitigations through EM Service.
Show sources
- Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers — www.infosecurity-magazine.com — 15.05.2026 15:35
- Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers — www.infosecurity-magazine.com — 15.05.2026 15:35
- Microsoft patches Exchange Server zero-day exploited in attacks — www.bleepingcomputer.com — 10.06.2026 16:44
-
15.05.2026 12:40 2 articles · 1mo ago
Microsoft shares mitigations for CVE-2026-42897
Initial DisclosureMicrosoft shared mitigations for CVE-2026-42897, a high-severity Exchange Server spoofing vulnerability exploited in attacks that can execute arbitrary JavaScript via cross-site scripting against Outlook on the web users on on-premises Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition (SE). The company said Exchange Emergency Mitigation Service (EEMS) can automatically mitigate supported servers, administrators in air-gapped environments can use the Exchange on-premises Mitigation Tool (EOMT), and permanent patches for Exchange SE RTM, Exchange 2016 CU23, and Exchange Server 2019 CU14 and CU15 are planned but not yet available.
Show sources
- Microsoft warns of Exchange zero-day flaw exploited in attacks — www.bleepingcomputer.com — 15.05.2026 12:40
- Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers — www.infosecurity-magazine.com — 15.05.2026 15:35
-
15.05.2026 12:40 2 articles · 1mo ago
Microsoft shares mitigations for CVE-2026-42897
Initial DisclosureMicrosoft shared mitigations for CVE-2026-42897, a high-severity Exchange Server spoofing vulnerability exploited in attacks that can execute arbitrary JavaScript via cross-site scripting against Outlook on the web users on on-premises Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition (SE). The company said Exchange Emergency Mitigation Service (EEMS) can automatically mitigate supported servers, administrators in air-gapped environments can use the Exchange on-premises Mitigation Tool (EOMT), and permanent patches for Exchange SE RTM, Exchange 2016 CU23, and Exchange Server 2019 CU14 and CU15 are planned but not yet available.
Show sources
- Microsoft warns of Exchange zero-day flaw exploited in attacks — www.bleepingcomputer.com — 15.05.2026 12:40
- Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers — www.infosecurity-magazine.com — 15.05.2026 15:35