Microsoft Exchange Zero-Day: No Patch, Active Exploitation, Major Risk episode artwork

EPISODE · May 22, 2026 · 10 MIN

Microsoft Exchange Zero-Day: No Patch, Active Exploitation, Major Risk

from IT SPARC Cast

A newly disclosed Microsoft Exchange vulnerability is actively being exploited in the wild, and there’s still no permanent patch available. In this episode of IT SPARC Cast – CVE of the Week, John and Lou break down CVE-2026-42897, explain how attackers can exploit Outlook Web Access through malicious emails, and discuss why temporary mitigations may not be enough for organizations still running on-prem Exchange.⸻📄 Show Notes🚨 CVE of the Week: Microsoft Exchange / Outlook Web Access ExploitThis week’s episode focuses on CVE-2026-42897, a high-severity vulnerability affecting:Microsoft Exchange Server 2016Microsoft Exchange Server 2019Exchange Subscription EditionThe vulnerability is a cross-site scripting (XSS) and spoofing flaw impacting Outlook Web Access (OWA).⸻⚠️ How the Attack WorksAttackers send specially crafted emails that execute malicious JavaScript when opened through Outlook Web Access.Potential impacts include:Session hijackingBrowser-based code executionExchange session theftSpoofing attacksThe vulnerability is already being actively exploited in the wild.⸻🌐 Who Is Affected?This impacts on-prem Exchange deployments only.Cloud-hosted Exchange Online environments are not currently believed to be affected.Organizations most at risk include:Enterprises with legacy Exchange infrastructureOrganizations avoiding cloud email hostingRemote-access-heavy environments relying on OWA⸻🛠️ Mitigation Steps for CVE-2026-42897✅ 1️⃣ Apply Microsoft Emergency MitigationsMicrosoft has released temporary protections through:Exchange Emergency Mitigation Service (EEMS)URL rewrite mitigation rulesApply these immediately.⚠️ Important:These mitigations are pattern-based and may not block future modified exploits.⸻✅ 2️⃣ Consider Disabling Outlook Web Access (OWA)If operationally possible:Disable OWA temporarilyRequire users to use the Outlook desktop client insteadThis significantly reduces exposure.⸻✅ 3️⃣ Prepare for Operational Side EffectsKnown mitigation side effects include:Calendar printing failuresInline image rendering problemsIncreased help desk ticketsOrganizations should proactively communicate these issues to users.⸻✅ 4️⃣ Patch Immediately When AvailableAt recording time:No permanent patch exists yetApply the official patch immediately once releasedThis is not a vulnerability where delayed patching is safe.⸻🔒 Security TakeawaysThis vulnerability reinforces several growing cybersecurity realities:On-prem infrastructure carries operational security burdensBrowser-based attacks remain highly effectiveTemporary mitigations are not substitutes for permanent fixesJohn and Lou also discuss how attackers increasingly chain vulnerabilities together and how AI-assisted exploit development is accelerating the speed of attacks.⸻💬 Listener FeedbackThanks to listener “ZZZZ” on YouTube for pushing back on last week’s discussion around passwords stored in clear text memory.The discussion highlights an important point:Many vulnerabilities are low risk for average usersBut become extremely dangerous for high-value targets such as executives and organizations with sensitive data⸻📣 Wrap UpAre organizations moving away from on-prem Exchange fast enough, or are these vulnerabilities making the case for cloud migration even stronger?📧 [email protected]🐦 @itsparccast on X⸻🔗 Social LinksIT SPARC Cast@ITSPARCCast on Xhttps://www.linkedin.com/company/sparc-sales/ on LinkedInJohn Barger@john_Video on Xhttps://www.linkedin.com/in/johnbarger/ on LinkedInLou Schmidt@loudoggeek on Xhttps://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn Hosted on Acast. See acast.com/privacy for more information.

A newly disclosed Microsoft Exchange vulnerability is actively being exploited in the wild, and there’s still no permanent patch available. In this episode of IT SPARC Cast – CVE of the Week, John and Lou break down CVE-2026-42897, explain how attackers can exploit Outlook Web Access through malicious emails, and discuss why temporary mitigations may not be enough for organizations still running on-prem Exchange.⸻📄 Show Notes🚨 CVE of the Week: Microsoft Exchange / Outlook Web Access ExploitThis week’s episode focuses on CVE-2026-42897, a high-severity vulnerability affecting:Microsoft Exchange Server 2016Microsoft Exchange Server 2019Exchange Subscription EditionThe vulnerability is a cross-site scripting (XSS) and spoofing flaw impacting Outlook Web Access (OWA).⸻⚠️ How the Attack WorksAttackers send specially crafted emails that execute malicious JavaScript when opened through Outlook Web Access.Potential impacts include:Session hijackingBrowser-based code executionExchange session theftSpoofing attacksThe vulnerability is already being actively exploited in the wild.⸻🌐 Who Is Affected?This impacts on-prem Exchange deployments only.Cloud-hosted Exchange Online environments are not currently believed to be affected.Organizations most at risk include:Enterprises with legacy Exchange infrastructureOrganizations avoiding cloud email hostingRemote-access-heavy environments relying on OWA⸻🛠️ Mitigation Steps for CVE-2026-42897✅ 1️⃣ Apply Microsoft Emergency MitigationsMicrosoft has released temporary protections through:Exchange Emergency Mitigation Service (EEMS)URL rewrite mitigation rulesApply these immediately.⚠️ Important:These mitigations are pattern-based and may not block future modified exploits.⸻✅ 2️⃣ Consider Disabling Outlook Web Access (OWA)If operationally possible:Disable OWA temporarilyRequire users to use the Outlook desktop client insteadThis significantly reduces exposure.⸻✅ 3️⃣ Prepare for Operational Side EffectsKnown mitigation side effects include:Calendar printing failuresInline image rendering problemsIncreased help desk ticketsOrganizations should proactively communicate these issues to users.⸻✅ 4️⃣ Patch Immediately When AvailableAt recording time:No permanent patch exists yetApply the official patch immediately once releasedThis is not a vulnerability where delayed patching is safe.⸻🔒 Security TakeawaysThis vulnerability reinforces several growing cybersecurity realities:On-prem infrastructure carries operational security burdensBrowser-based attacks remain highly effectiveTemporary mitigations are not substitutes for permanent fixesJohn and Lou also discuss how attackers increasingly chain vulnerabilities together and how AI-assisted exploit development is accelerating the speed of attacks.⸻💬 Listener FeedbackThanks to listener “ZZZZ” on YouTube for pushing back on last week’s discussion around passwords stored in clear text memory.The discussion highlights an important point:Many vulnerabilities are low risk for average usersBut become extremely dangerous for high-value targets such as executives and organizations with sensitive data⸻📣 Wrap UpAre organizations moving away from on-prem Exchange fast enough, or are these vulnerabilities making the case for cloud migration even stronger?📧 [email protected]🐦 @itsparccast on X⸻🔗 Social LinksIT SPARC Cast@ITSPARCCast on Xhttps://www.linkedin.com/company/sparc-sales/ on LinkedInJohn Barger@john_Video on Xhttps://www.linkedin.com/in/johnbarger/ on LinkedInLou Schmidt@loudoggeek on Xhttps://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn Hosted on Acast. See acast.com/privacy for more information.

NOW PLAYING

Microsoft Exchange Zero-Day: No Patch, Active Exploitation, Major Risk

0:00 10:27

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Breaking News Show | eTurboNews Juergen Thomas Steinmetz News is relevant to the global travel and tourism industry, human rights and global issues.Breaking news when it happens and only from the source. LIGHTS, CAMERA, SMILE! Creatives Club Media Lights, Camera, Smile, is a podcast for anyone with a dream to share something with the world, out of the overflow of themselves - be it their mind, their heart, their personalities, and much more. Each of us are alive in this moment in time, with an innate ability to have ideas and create various things to benefit both ourselves and the people around us for a reason, and here, you will find the encouragement, the inspiration, and the motivation to do just that. Hosted by Cicily, founder of Creatives Club, she dives into various topics surrounding creativity and business. Exploring entrepreneurship for creatives in a corporate reality, sharing tips and tricks in a media centered company, answering questions regarding what a creative actually is are just a few of the things discussed on this podcast. Be encouraged to create for yourself as Cicily gets vulnerable by pivoting the camera to herself for the first time.To submit questions for Cicily to answer, or have her address certain t Invictus by Greyana, A Tomione Podfic M+G Readings Sporadic uploads thanks to gallstones.Voldemort intended the object to be used by his most loyal follower in the event that his horcruxes were destroyed, but it ended up in Hermione’s possession instead.It sent her back to a time when he was much less the monster that she’d always known him to be. Nothing could have prepared her for the intelligence and charm of Tom Riddle.He isn’t who she thought he was.Hermione discovers that it’s a dark descent into the madness of the man she should hate, but can’t… a descent she will never emerge fr The Course Mentors Podcast The Course Mentors Hey there, future course creator!Ever feel like turning your know-how into an online course is like trying to solve a Rubik's cube blindfolded? Well, grab your headphones because "The Course Mentors Podcast" is here to be your secret weapon!Meet Aimee and Odette (that's us!), your new best friends in the course creation world. We've been in the trenches for over a decade, and for the last five years, we've been rocking the online course space. Now we're here to spill all our secrets in bite-sized, 15-20 minute episodes that'll fit perfectly in your coffee breaks.No fluff, no filler - just real, actionable advice that'll take you from "um, what's a landing page?" to "holy moly, I just hit six figures!". We're talking everything from crafting your course to marketing it like a pro and building a business that'll have you pinching yourself.Whether you're dreaming of ditching the 9-to-5 grind, adding a sweet extra income str

Frequently Asked Questions

How long is this episode of IT SPARC Cast?

This episode is 10 minutes long.

When was this IT SPARC Cast episode published?

This episode was published on May 22, 2026.

What is this episode about?

A newly disclosed Microsoft Exchange vulnerability is actively being exploited in the wild, and there’s still no permanent patch available. In this episode of IT SPARC Cast – CVE of the Week, John and Lou break down CVE-2026-42897, explain how...

Can I download this IT SPARC Cast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!