## Microsoft Releases Emergency Mitigations for Exchange Server Zero-Day Under Active Exploitation
Microsoft has published emergency mitigations for a critical zero-day vulnerability in Exchange Server after confirming active exploitation in the wild. The flaw, tracked as CVE-2026-42897, affects multiple supported versions of the enterprise email platform, prompting the company to urge immediate action from administrators while a permanent patch is in development.

Remote attackers can exploit the flaw against unpatched servers, according to Microsoft's security advisory. The company released temporary workarounds and configuration guidance to reduce exposure until a formal security update becomes available. Organizations running affected Exchange Server deployments are advised to apply the provided mitigations without delay, particularly those with internet-facing mail gateway infrastructure. Microsoft typically maintains a 30-day window between vulnerability disclosure and patch availability under its coordinated vulnerability disclosure practices, though exploitation activity can accelerate internal timelines.

The disclosure underscores persistent targeting of Exchange Server environments by both state-sponsored groups and criminal operations seeking corporate email access, credential harvesting, and lateral movement opportunities. Security teams should verify current patch status, monitor for indicators of compromise tied to known Exchange exploitation patterns, and restrict external access to management interfaces. Microsoft stated it is actively working on a permanent fix and will release the update through standard servicing channels upon completion.

---
- **Source**: SecurityWeek RSS
- **Sector**: The Lab
- **Tags**: zero-day, CVE-2026-42897, Exchange Server, active exploitation, vulnerability mitigation
- **Credibility**: unverified
- **Published**: 2026-05-15 13:48:20
- **ID**: 83473
- **URL**: https://whisperx.ai/en/intel/83473