Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.
Windows Report

Exchange Server 2016 And 2019 Hit By Critical OWA Vulnerability

Microsoft warned Exchange Server customers about critical OWA vulnerability CVE-2026-42897 affecting on-premises deployments.
The Hacker News

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come ...
Ars Technica

Multiple same-domain Exchange accounts in one Outlook Profile breaks stuff

Outlook 2010-2016 allows you to add multiple Exchange accounts (from the same Exchange server / domain) to a single Outlook Profile. MS has a KB article that says this is unsupported and can cause ...
Ars Technica

Domain Migration and Exchange Upgrade

I am starting the planning process for upgrading my company from an NT4 Domain to Active Directory as well as from Exchange 5.5. to Exchange 2003.<BR><BR>Our current process is server consolidation ...
CRN

LockFile Ransomware Encrypting Domains Via Exchange Hack

‘These vulnerabilities are worse than ProxyLogon, the Exchange vulnerabilities revealed in March - they are more exploitable, and organizations largely haven’t patched,’ writes security research Kevin ...
Dark Reading

Microsoft Exchange Vuln Enables Attackers to Gain Domain Admin Privileges

Microsoft Exchange 2013 and newer versions are vulnerable to a privilege escalation attack that gives anyone with a mailbox a way to gain domain administrator rights at potentially 90% of ...