Until a permanent patch is developed, Microsoft has shared a couple ofmitigation options.Microsoft has not shared any information on the attacks exploiting CVE-2026-42897.SecurityWeekhas reached out to the company for clarification and will update this article if it responds.An anonymous researcher has been credited for reporting the vulnerability.It’s not uncommon for threat actors totargetExchange Server vulnerabilities —CISA’s KEV catalogcurrently lists nearly two dozen such flaws — but there do not appear to be any other reports of vulnerabilities discovered in 2025 and 2026 being exploited in the wild.It’s worth noting that CVE-2026-42897 has yet to be added to CISA’s KEV list.Related:Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening EnterprisesRelated:Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026Related:Ivanti Patches EPMM Zero-Day Exploited in Targeted AttacksRelated:Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
Microsoft has not shared any information on the attacks exploiting CVE-2026-42897.SecurityWeekhas reached out to the company for clarification and will update this article if it responds.An anonymous researcher has been credited for reporting the vulnerability.It’s not uncommon for threat actors totargetExchange Server vulnerabilities —CISA’s KEV catalogcurrently lists nearly two dozen such flaws — but there do not appear to be any other reports of vulnerabilities discovered in 2025 and 2026 being exploited in the wild.It’s worth noting that CVE-2026-42897 has yet to be added to CISA’s KEV list.Related:Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening EnterprisesRelated:Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026Related:Ivanti Patches EPMM Zero-Day Exploited in Targeted AttacksRelated:Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
An anonymous researcher has been credited for reporting the vulnerability.It’s not uncommon for threat actors totargetExchange Server vulnerabilities —CISA’s KEV catalogcurrently lists nearly two dozen such flaws — but there do not appear to be any other reports of vulnerabilities discovered in 2025 and 2026 being exploited in the wild.It’s worth noting that CVE-2026-42897 has yet to be added to CISA’s KEV list.Related:Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening EnterprisesRelated:Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026Related:Ivanti Patches EPMM Zero-Day Exploited in Targeted AttacksRelated:Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
It’s not uncommon for threat actors totargetExchange Server vulnerabilities —CISA’s KEV catalogcurrently lists nearly two dozen such flaws — but there do not appear to be any other reports of vulnerabilities discovered in 2025 and 2026 being exploited in the wild.It’s worth noting that CVE-2026-42897 has yet to be added to CISA’s KEV list.Related:Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening EnterprisesRelated:Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026Related:Ivanti Patches EPMM Zero-Day Exploited in Targeted AttacksRelated:Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
It’s worth noting that CVE-2026-42897 has yet to be added to CISA’s KEV list.Related:Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening EnterprisesRelated:Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026Related:Ivanti Patches EPMM Zero-Day Exploited in Targeted AttacksRelated:Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
Related:Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening EnterprisesRelated:Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026Related:Ivanti Patches EPMM Zero-Day Exploited in Targeted AttacksRelated:Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
Related:Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026Related:Ivanti Patches EPMM Zero-Day Exploited in Targeted AttacksRelated:Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
Related:Ivanti Patches EPMM Zero-Day Exploited in Targeted AttacksRelated:Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
Related:Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
Source: SecurityWeek
