{"id":249472,"date":"2026-05-15T08:35:00","date_gmt":"2026-05-15T12:35:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/15\/microsoft-reports-severe-zero-day-flaw-in-on-prem-exchange-servers\/"},"modified":"2026-05-19T10:45:20","modified_gmt":"2026-05-19T14:45:20","slug":"microsoft-reports-severe-zero-day-flaw-in-on-prem-exchange-servers","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/15\/microsoft-reports-severe-zero-day-flaw-in-on-prem-exchange-servers\/","title":{"rendered":"Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers"},"content":{"rendered":"<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/microsoft-zeroday-exchange-servers\/\">Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers<\/a><\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/microsoft-zeroday-exchange-servers\/\">https:\/\/www.infosecurity-magazine.com\/news\/microsoft-zeroday-exchange-servers\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-15 08:35:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.infosecurity-magazine.com\">www.infosecurity-magazine.com<\/a><\/p>\n<p>Microsoft has warned of a high-severity zero-day vulnerability that could lead to an attacker sending arbitrary code to a victim by sending a specially crafted email to an Outlook user.<\/p>\n<p>The flaw, tracked as CVE-2026-42897, is due to an improper neutralization of input during web page generation \u2013 also called cross-site scripting (XSS) \u2013 in Microsoft Exchange Server that allows an unauthorized attacker to perform spoofing over a network.<\/p>\n<p>This high-severity vulnerability (CVSS rating of 8.1), disclosed by the tech giant on May 14, is affecting some on-premises Exchange Server versions:<\/p>\n<ul>\n<li>All existing Exchange Server 2016 versions<\/li>\n<li>All existing Exchange Server 2019 versions<\/li>\n<li>All existing Exchange Server Subscription Edition (SE) versions<\/li>\n<\/ul>\n<p>It does not impact Exchange Online.<\/p>\n<h2><strong>Temporary Fixes Available While Patch Is in Development<\/strong><\/h2>\n<p>Microsoft has not yet released a patch for this vulnerability.<\/p>\n<p>However, in a security advisory published on May 14, the Exchange Team shared two approaches security teams can take to mitigate the impact of potential exploits of this vulnerability before patches are available.<\/p>\n<p>The first option, which Microsoft recommends, uses the Exchange Emergency Mitigation (EM) Service.<\/p>\n<p>If the EM Service is enabled, which it is by default, the mitigation has already been automatically applied.<\/p>\n<p>Administrators can verify this by:<\/p>\n<ul>\n<li>Checking the applied mitigations for CVE-2026-42897 (M2.1.x) through the documentation<\/li>\n<li>Running the Exchange Health Checker script to quickly check the status of EM Service and applied mitigations<\/li>\n<li>Enabling the EM Service if it is currently disabled, as Microsoft strongly recommends doing so<\/li>\n<\/ul>\n<p>Note that servers running versions older than March 2023 cannot receive new mitigations through this service.<\/p>\n<p>The second mitigation option is intended for environments unable to use the EM Service, such as disconnected or air-gapped environments.<\/p>\n<p>Administrators can manually apply the mitigation by:<\/p>\n<ul>\n<li>Downloading the&#8230;<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/microsoft-zeroday-exchange-servers\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers https:\/\/www.infosecurity-magazine.com\/news\/microsoft-zeroday-exchange-servers\/ Publish Date: 2026-05-15 08:35:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":249473,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/4fbe58d3-cb41-41bf-8f84-983725d20d8c.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[27],"class_list":["post-249472","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/249472"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=249472"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/249472\/revisions"}],"predecessor-version":[{"id":249474,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/249472\/revisions\/249474"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/249473"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=249472"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=249472"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=249472"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}