Microsoft Fixes Actively Exploited Exchange Server OWA Vulnerability
VPN Central [Unofficial]
June 16, 2026
Microsoft has patched an actively exploited Exchange Server vulnerability that can let attackers run malicious JavaScript in Outlook Web Access through a specially crafted email. The flaw is tracked as CVE-2026-42897 and affects on-premises Exchange Server deployments. Exchange Online customers are already protected, but organizations that still run Exchange Server locally need to verify mitigation […]
The post Microsoft Fixes Actively Exploited Exchange Server OWA Vulnerability appeared first on VPN Central.
Discussion in the ATmosphere