Microsoft Exchange
The latest Microsoft Exchange coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft Drops a 9.6-Rated Exchange Server Patch—Here’s Your Step-by-Step Urgent Fix Plan
Microsoft shipped security updates for on-premises Exchange Server on July 14, 2026, closing a critical spoofing vulnerability (CVE-2026-55008) that earned a 9.6 CVSS 3.1 rating. The patch bundle...
Exchange Servers at Risk: New Privilege Bug Patched, But Only for Paid Subscribers
Microsoft on July 14, 2026 shipped security updates that close a privilege‑escalation hole in multiple versions of Exchange Server. The flaw, tracked as CVE‑2026‑55009, could let an...
Microsoft to Pull Plug on OWA Light for On-Premises Exchange, Targeting August 2026
Microsoft is formally retiring the lightweight version of Outlook on the Web for on-premises Exchange Server, with removal planned for a future update around August 2026. The company’s Exchange...
Public Exploit Code Drops for Exchange Server CVE-2026-45502, Administrators Urged to Patch Now
A proof-of-concept exploit for CVE-2026-45502, an authenticated server-side request forgery vulnerability in Microsoft Exchange Web Services, appeared on June 22, 2026, just 13 days after Microsoft...
CVE-2026-47631 Exchange Spoofing: Act Now Despite Sparse Patch Details
Microsoft dropped CVE-2026-47631 into its Security Update Guide this week, flagging a spoofing vulnerability in Microsoft Exchange Server. The advisory offers almost nothing beyond a high-confidence...
Apply Microsoft’s Emergency Exchange Patch Now to Block CVE-2026-45583 Attacks
Microsoft Exchange administrators face yet another critical patching fire drill with the release of CVE-2026-45583, a remote code execution vulnerability that puts on-premises mail servers at...
CVE-2026-45504: Apply June Exchange Patch Now to Block Privilege Escalation
Microsoft disclosed CVE-2026-45504—an elevation-of-privilege vulnerability in Microsoft Exchange Server—as part of its June 9, 2026 Patch Tuesday release. The vulnerability carries an Important...
CVE-2026-45503 Exchange Info Disclosure: Patch Immediately to Protect Sensitive Data
Microsoft has published a critical security advisory for CVE-2026-45503, an information disclosure vulnerability affecting on-premises Exchange Server deployments. The advisory, available through the...
CVE-2026-45502: Why Microsoft's 'Confirmed' Report Confidence Raises the Stakes for Exchange Server Admins
Microsoft published CVE-2026-45502 on June 9, 2026, marking it as a critical information disclosure vulnerability in Microsoft Exchange Server. The advisory, posted in the Microsoft Security Response...
Microsoft Exchange Spoofing Flaw CVE-2026-45501: Patch Now to Block Phishing Attacks
Microsoft's June 2026 Patch Tuesday rollout includes a crucial fix for an Important-rated spoofing vulnerability in on-premises Exchange Server. Tracked as CVE-2026-45501, this security flaw could...
Deploy June 9 Patch for CVE-2026-45500 Exchange Spoofing Risk
Microsoft’s June 2026 Patch Tuesday rollout on June 9 delivered a crucial security fix for Microsoft Exchange Server administrators. Among the updates is CVE-2026-45500, a spoofing vulnerability...
4BID Hacktivists Go Global: Exchange Shells, RMMs & EDR Killers Deployed
Kaspersky’s Global Research and Analysis Team (GReAT) published a report on June 8, 2026, revealing a significant escalation in hacktivist operations tied to the 4BID collective and overlapping...