Close Menu

    Subscribe to Updates

    Get the latest creative news from infofortech

    What's Hot

    Following the questions where they lead | MIT News

    July 18, 2026

    Best Over-Ear Headphones of 2026

    July 17, 2026

    How AI Voice Agents Change The Game For CX

    July 17, 2026
    Facebook X (Twitter) Instagram
    InfoForTech
    • Home
    • Latest in Tech
    • Artificial Intelligence
    • Cybersecurity
    • Innovation
    Facebook X (Twitter) Instagram
    InfoForTech
    Home»Cybersecurity»On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
    Cybersecurity

    On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

    InfoForTechBy InfoForTechMay 15, 2026No Comments3 Mins Read
    Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
    On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
    Share
    Facebook Twitter LinkedIn Pinterest Telegram Email


    Ravie LakshmananMay 15, 2026Microsoft / Vulnerability

    Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild.

    The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting the issue.

    “Improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network,” the tech giant said in a Thursday advisory.

    Microsoft, which tagged the vulnerability with an “Exploitation Detected” assessment, said an attacker could weaponize it by sending a crafted email to a user, which, when opened in Outlook Web Access and subject to other “certain interaction conditions,” can allow arbitrary JavaScript code to be executed in the context of the web browser.

    Redmond also noted that it’s providing a temporary mitigation through its Exchange Emergency Mitigation Service, while it’s readying a permanent fix for the security defect.

    The Exchange Emergency Mitigation Service will provide the mitigation automatically via a URL rewrite configuration, and is enabled by default. If it’s not on, users are advised to enable the Windows service.

    According to Microsoft, Exchange Online is not impacted by this vulnerability. The following on-premises Exchange Server versions are affected –

    • Exchange Server 2016 (any update level)
    • Exchange Server 2019 (any update level)
    • Exchange Server Subscription Edition (SE) (any update level)

    If using the Exchange Emergency Mitigation Service is not an option due to air-gap restrictions, the company has outlined the following series of actions –

    • Download the latest version of the Exchange on-premises Mitigation Tool (EOMT) from aka[.]ms/UnifiedEOMT.
    • Apply the mitigation on a per-server basis or on all servers at once by running the script via an elevated Exchange Management Shell (EMS):
      • Single server: .\EOMT.ps1 -CVE “CVE-2026-42897”
      • All servers: Get-ExchangeServer | Where-Object { $_.ServerRole -ne “Edge” } | .\EOMT.ps1 -CVE “CVE-2026-42897”

    Microsoft said it’s also aware of a known issue where the mitigation shows the “Mitigation invalid for this exchange version.” in the Description field. “This issue is cosmetic and the mitigation DOES apply successfully if the status is shown as ‘Applied,'” the Exchange Team said. “We are investigating on how to address this.”

    There are currently no details on how the vulnerability is being exploited, the identity of the threat actor behind the activity, or the scale of such efforts. It’s also unclear who the targets are and if any of those attacks were successful. In the interim, it’s recommended to apply the mitigations recommended by Microsoft.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    InfoForTech
    • Website

    Related Posts

    2026 Cybersecurity Forecast: Mid-Year Review & H2 Trends

    July 17, 2026

    E.U. Orders Google to Open Android Mic, Camera and Screen to Rival AI Assistants

    July 17, 2026

    How Can Deception Be Used in OT/ICS Networks?

    July 17, 2026

    Two Scattered Spider Hackers Get 5.5 Years Each for £29 Million TfL Hack

    July 16, 2026

    TuxBot v3 Evolution Shows Signs of LLM-Assisted IoT Botnet Development

    July 16, 2026

    Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws

    July 15, 2026
    Leave A Reply Cancel Reply

    Advertisement
    Top Posts

    DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks

    March 20, 202638 Views

    Microsoft is bringing an AI helper to Xbox consoles

    March 14, 202618 Views

    Why Security Validation Is Becoming Agentic

    March 16, 202616 Views

    This is the tech that makes Volvo’s latest EV a major step forward

    January 24, 202616 Views
    Stay In Touch
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Advertisement
    About Us
    About Us

    Our mission is to deliver clear, reliable, and up-to-date information about the technologies shaping the modern world. We focus on breaking down complex topics into easy-to-understand insights for professionals, enthusiasts, and everyday readers alike.

    We're accepting new partnerships right now.

    Facebook X (Twitter) YouTube
    Most Popular

    DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks

    March 20, 202638 Views

    Microsoft is bringing an AI helper to Xbox consoles

    March 14, 202618 Views

    Why Security Validation Is Becoming Agentic

    March 16, 202616 Views
    Categories
    • Artificial Intelligence
    • Cybersecurity
    • Innovation
    • Latest in Tech
    © 2026 All Rights Reserved InfoForTech.
    • Home
    • About Us
    • Contact Us
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.

    Ad Blocker Enabled!
    Ad Blocker Enabled!
    Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.