Tech Times

Exchange Server OWA Zero-Day CVE-2026-42897 Exploited With No Permanent Patch and New Mitigation Gaps

Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Outlook Web Access component of Exchange Server 2016, 2019, and Subscription Edition — is under active ...

Do you use Microsoft Exchange? Hackers are actively exploiting a new zero-day flaw

Microsoft warns of a new zero-day vulnerability that leaves Exchange open to hackers.
Windows Report

Exchange Server 2016 And 2019 Hit By Critical OWA Vulnerability

Microsoft warned Exchange Server customers about critical OWA vulnerability CVE-2026-42897 affecting on-premises deployments.
SecurityWeek

Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild

Microsoft is working to patch CVE-2026-42897, an Exchange Server zero-day vulnerability that has been exploited in attacks.
InfoWorld

Node.js welcomes Microsoft’s Chakra JavaScript engine

Node has traditionally been focused on Google's V8 JavaScript engine, but adding ChakraCore support will allow developers to target more platforms Microsoft on Tuesday submitted a pull request to Node ...