Microsoft confirms active exploitation of Exchange zero-day flaw

Zero-day confirmed: CVE-2026-42897 affects on-premise Exchange 2016 and 2019, enabling code execution via malicious emails without clicks or downloads.
Active exploitation: CISA added the flaw to its Known Exploited Vulnerabilities catalog, confirming real-world attacks and prioritizing urgent remediation.
Urgent mitigation: Microsoft advises immediate patching, limiting web access to Exchange, and closely monitoring for signs of compromise.