Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

https://www.forbes.com/sites/daveywinder/2026/05/18/microsoft-exchange-active-0-day-exploit-enable-emergency-mitigation-now/

Publish Date: 2026-05-18 15:03:00

Source Domain: www.forbes.com

Microsoft confirms Exchange zero-day, CISA warns it’s under active exploitation.

Updated May 18: This article has been updated to include further details on the emergency mitigation process recommended by Microsoft after the CVE-2026-42897 Exchange Server zero-day was confirmed by the U.S. Cybersecurity and Infrastructure Security Agency as already being actively exploited in the wild by attackers. Alongside this, there is a second update concerning yet another zero-day exposure from an ‘angry hacker’ who has added to the long list of publicly disclosed vulnerabilities by posting details of a Windows 11 ‘proof of concept’ exploit that gives an attacker system privileges even when Windows is running fully patched and up to date.

It’s been something of a rough few days for Microsoft Exchange on the security vulnerability front. One zero-day was demonstrated at the Pwn2Own Berlin hacking event; it has been responsibly disclosed and not released into the wild. Another Exchange zero-day, confirmed by Microsoft on May 14, is definitely already out there and under active exploitation, according to the U.S. Cybersecurity and Infrastructure Security Agency. CISA added the CVE-2026-42897 vulnerability to its Known Exploited Vulnerabilities Catalog on May 15, urging all organizations to prioritize timely remediation as the attack vector poses a significant risk. Here’s what you need to know.

The Microsoft Exchange CVE-2026-42897 Zero-Day Explained

Microsoft disclosed CVE-2026-42897 on May 14, describing the zero-day as a Microsoft Exchange Server spoofing vulnerability. Technically speaking, the vulnerability occurs when improper neutralization of input during web page generation, or cross-site scripting if you prefer, enables an attacker to perform spoofing over the network. All it takes to exploit this is to send a maliciously crafted email, which, when…
