Microsoft has released security updates to address a vulnerability in Exchange Server that was being actively exploited in zero-day attacks. The flaw, tracked as CVE-2026-42897, affects on-premises Microsoft Exchange environments and had already been used by threat actors before a patch became available.
The company first warned customers about ongoing exploitation in mid-May, urging administrators to implement temporary mitigations while a permanent fix was being prepared. With the release of the latest security updates, Microsoft is now recommending that all affected organizations apply the patches as soon as possible to prevent further compromise.
Exchange Server remains a high-value target for attackers because it often serves as a critical communication platform within organizations and can provide access to sensitive emails, credentials, and internal systems. Historically, vulnerabilities in Exchange have been heavily targeted by both cybercriminal groups and state-sponsored threat actors seeking initial access to enterprise networks.
While Microsoft has not disclosed extensive technical details about the vulnerability, the company confirmed that it had observed active exploitation before the patch was released. Limiting public information is a common practice intended to reduce the likelihood of additional attacks while organizations work to deploy updates.
Security teams are encouraged to review their environments for signs of compromise, verify that all Exchange servers have been updated, and ensure that any previously recommended mitigations remain in place until patch deployment is complete. Organizations should also examine authentication logs, administrator activity, and unusual mailbox access patterns to identify potential indicators of intrusion.
The release underscores the continued security challenges associated with managing on-premises messaging infrastructure. As threat actors increasingly focus on vulnerabilities that can provide direct access to enterprise communications, timely patch management remains one of the most effective defenses against large-scale compromise.