Microsoft Exchange Online mail flow disruption
Service Disruption
Summary
Hide ▲
Show ▼
Microsoft is addressing a widespread Exchange Online service disruption that is delaying and failing email delivery for customers across North America and Germany. The issue is causing SMTP deferral errors and interrupted send/access attempts, with some messages left undelivered for over an hour. The outage is still under investigation, so mail flow reliability remains degraded while engineers work to identify the root cause.
Related Happenings
Microsoft Exchange CVE-2026-42897 mitigation advisory
Advisory/Mitigation
H score44
First: 15.05.2026 12:40
Last: 15.05.2026 12:40
Sources 1
About this happening:
Microsoft issued immediate mitigation guidance for CVE-2026-42897, reducing risk for Exchange Server 2016, 2019, and Subscription Edition (SE) on-premises servers that...
Microsoft Exchange CVE-2026-42897 mitigation advisory
Advisory/MitigationAbout this happening: Microsoft issued immediate mitigation guidance for CVE-2026-42897, reducing risk for Exchange Server 2016, 2019, and Subscription Edition (SE) on-premises servers that...
Latest development: 15.05.2026 15:35
Microsoft issued temporary mitigation guidance for CVE-2026-42897 while a patch is still in development, recommending the Exchange Emergency Mitigation (EM) Service, which is enabled by default and can be checked with the Exchange Health Checker script, or the Exchange On-premises Mitigation Tool (EOMT) for disconnected or air-gapped environments. Microsoft noted that the mitigations can disrupt features such as OWA Print Calendar and Inline images, and that servers older than March 2023 cannot receive new mitigations through EM Service.
Microsoft Exchange Server spoofing/XSS flaw under active exploitation (CVE-2026-42897)
Vulnerability
H score37
First: 15.05.2026 09:19
Last: 15.05.2026 09:19
Sources 1
About this happening:
CVE-2026-42897 is an actively exploited spoofing vulnerability in on-premises Microsoft Exchange Server that can lead to arbitrary JavaScript execution in a br...
Microsoft Exchange Server spoofing/XSS flaw under active exploitation (CVE-2026-42897)
VulnerabilityAbout this happening: CVE-2026-42897 is an actively exploited spoofing vulnerability in on-premises Microsoft Exchange Server that can lead to arbitrary JavaScript execution in a br...
Latest development: 09.06.2026 20:57
Microsoft identifies CVE-2026-42897 in Microsoft Exchange Server as an actively exploited spoofing vulnerability that can lead to JavaScript execution in a target’s browser when a specially crafted email is opened in Outlook Web Access under certain interaction conditions. Microsoft says mitigations are being pushed through the Exchange Emergency Mitigation Service while it continues work on the full update.
Microsoft Outlook.com outage causing sign-in failures
Service Disruption
H score20
First: 27.04.2026 15:03
Last: 27.04.2026 15:03
Sources 1
About this happening:
Microsoft's Outlook.com is experiencing an ongoing outage that is blocking sign-ins and mailbox access, leaving some customers unable to use email normally. The disruption...
Microsoft Outlook.com outage causing sign-in failures
Service DisruptionAbout this happening: Microsoft's Outlook.com is experiencing an ongoing outage that is blocking sign-ins and mailbox access, leaving some customers unable to use email normally. The disruption...
Microsoft Classic Outlook email sending disruption
Service Disruption
H score0
First: 02.04.2026 12:12
Last: 02.04.2026 12:12
Sources 1
About this happening:
Microsoft is investigating a Classic Outlook disruption that can prevent some users from sending or replying to email through Outlook.com, causing NDR errors and m...
Microsoft Classic Outlook email sending disruption
Service DisruptionAbout this happening: Microsoft is investigating a Classic Outlook disruption that can prevent some users from sending or replying to email through Outlook.com, causing NDR errors and m...
Latest development: 06.04.2026 22:19
Microsoft fixed a known issue affecting some Classic Outlook users sending emails via Outlook.com that could return non-delivery reports (NDRs) with 0x80070005-0x0004dc-0x000524 errors. Microsoft said the service change was in production as of April 3, 2026, and advised affected users to use the New Outlook client or Outlook.com on the web; Microsoft also pointed users to downloading the Outlook Address Book for affected Outlook.com accounts.
Microsoft Exchange Online mailbox access disruption
Service Disruption
H score0
First: 23.03.2026 14:17
Last: 23.03.2026 14:17
Sources 1
About this happening:
The Exchange Online service is undergoing an ongoing mailbox access disruption that can stop some users from opening cloud mailboxes through Outlook mobile and the n...
Microsoft Exchange Online mailbox access disruption
Service DisruptionAbout this happening: The Exchange Online service is undergoing an ongoing mailbox access disruption that can stop some users from opening cloud mailboxes through Outlook mobile and the n...
Timeline
-
02.06.2026 20:02 2 articles · 1mo ago
Microsoft acknowledges Exchange Online mail flow disruption
Initial DisclosureMicrosoft acknowledged a widespread Exchange Online mail flow disruption affecting customers in North America and Germany, said the issue is tracked as EX1331830 and classified as an incident, and said engineers are investigating SMTP deferral errors and abrupt connection closures that are delaying or preventing email send and receive operations, with some messages remaining undelivered for over an hour.
Show sources
- Microsoft Exchange Online outage causes email delays, failures — www.bleepingcomputer.com — 02.06.2026 20:02
- Microsoft Exchange Online outage causes email delays, failures — www.bleepingcomputer.com — 02.06.2026 20:02