Description of the security update for Microsoft Exchange Server 2019 CU15: February 10, 2026 (KB5074993)

Description of the security update for Microsoft Exchange Server 2019 CU15: February 10, 2026 KB5074993 This security update resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE: CVE-2026-21527...

Description of the security update for Microsoft Exchange Server 2016 CU23: December 9, 2025 (KB5071873)

Description of the security update for Microsoft Exchange Server 2016 CU23: December 9, 2025 KB5071873 Original article content This security update resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and...

Description of the security update for Microsoft Exchange Server Subscription Edition RTM: December 9, 2025 (KB5071876)

Description of the security update for Microsoft Exchange Server Subscription Edition RTM: December 9, 2025 KB5071876 Original article content This security update resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common...

Description of the security update for Microsoft Exchange Server 2019 CU14: December 9, 2025 (KB5071874)

Description of the security update for Microsoft Exchange Server 2019 CU14: December 9, 2025 KB5071874 Original article content This security update resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and...

EUVD-2017-17445

Malware in sbrugna...

EUVD-2025-27294

Malicious code in bioql PyPI...

CVE-2025-55234

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against...

CVE-2025-55234

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against...

CVE-2025-55234

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against...

Windows SMB Elevation of Privilege Vulnerability

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against...

PT-2025-36891

Name of the Vulnerable Software and Affected Versions Windows Server Message Block SMB versions prior to September 2025 Patch Tuesday Description The SMB Server may be susceptible to relay attacks depending on the configuration. Successful exploitation of this issue could allow an attacker to...

Description of the security update for Microsoft Exchange Server Subscription Edition RTM: August 12, 2025 (KB5063224)

Description of the security update for Microsoft Exchange Server Subscription Edition RTM: August 12, 2025 KB5063224 Original article content This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common...

Description of the security update for Microsoft Exchange Server 2019: August 12, 2025 (KB5063222)

Description of the security update for Microsoft Exchange Server 2019: August 12, 2025 KB5063222 Original article content This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and...

Description of the security update for Microsoft Exchange Server 2016: August 12, 2025 (KB5063223)

Description of the security update for Microsoft Exchange Server 2016: August 12, 2025 KB5063223 Original article content This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and...

Description of the security update for Microsoft Exchange Server 2019: August 12, 2025 (KB5063221)

Description of the security update for Microsoft Exchange Server 2019: August 12, 2025 KB5063221 Original article content This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and...

Mitigating NTLM Relay Attacks by Default

Introduction In February 2024, we released an update to Exchange Server which contained a security improvement referenced by CVE-2024-21410 that enabled Extended Protection for Authentication EPA by default for new and existing installs of Exchange 2019. While we’re currently unaware of any activ...

Description of version 2 of the security update for Microsoft Exchange Server 2019 and 2016: November 27, 2024 (KB5049233)

Description of version 2 of the security update for Microsoft Exchange Server 2019 and 2016: November 27, 2024 KB5049233 Notice We have re-released the Exchange Server 2019 and 2016 November 12, 2024, security update SU to address the issue where Exchange Server stops processing Exchange Transpor...

Description of the security update for Microsoft Exchange Server 2019 and 2016: November 12, 2024 (KB5044062)

Description of the security update for Microsoft Exchange Server 2019 and 2016: November 12, 2024 KB5044062 Notice We have re-released the Exchange Server 2019 and 2016 November 12, 2024, security update SU to address the issue where Exchange Server stops processing Exchange Transport Rules ETR a...

OWA not accessible on Secure Web iOS when Extended Protection is Enabled

After enabling Extended Protection on Exchange Server 2019 CU14, accessing OWA via Secure Web iOS is no longer possible. Users accessing Outlook Web Access OWA through Secure Web on iOS are continuously getting http 401 login prompt. The issue is not seen when using other browsers like Chrome or...

Microsoft Exchange vulnerability actively exploited

As it turns out, there was another actively exploited vulnerability included in Microsoft’s patch Tuesday updates for February. When Microsoft said in its update guide for CVE-2024-21410 that the vulnerability was likely to be exploited by attackers, they weren’t kidding. Soon after they changed...