OWA
Microsoft patches Exchange Server zero-day exploited in attacks
Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary JavaScript code in cross-site scripting (XSS) attacks targeting Outlook Web Access users. This high-severity spoofing vulnerability (CVE-2026-42897) affects Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition (SE) software and can be exploited by remote attackers with […]
Microsoft Exchange Online outage affects Outlook web users
Microsoft is investigating an ongoing outage preventing Outlook on the web users from accessing their Exchange Online mailboxes. According to thousands of user reports on DownDetector, the issue started impacting Microsoft’s services more than two hours ago and is affecting customers attempting to log into their accounts, accessing the website, and triggering server connection problems. “We’re […]