Microsoft Exchange Zero-Day Under Attack, No Patch Available
CVE-2026-42897 stems from a cross-site scripting (XSS) vulnerability and can allow an attacker to compromise Outlook Web Access (OWA) mailboxes.
Stay updated on Microsoft's security innovations, latest threats, and best practices in information protection on our dedicated cybersecurity tag.
Background for this topic.
Microsoft is a multinational technology company known for its software, hardware, and cloud services. In the context of information security, attention to Microsoft is essential since its products, including Windows operating systems, Office suite, and Azure cloud services, are widely used across personal and enterprise environments, making them a frequent target for cyber threats.
Microsoft's information security implications involve the management of vulnerabilities, implementation of security updates, and the development of advanced protection mechanisms to safeguard against malware, ransomware, phishing attacks, and other cyber threats. Additionally, Microsoft provides a range of security tools and services designed to improve the security posture of organizations, emphasizing identity and access management, threat protection, information protection, and security management.
The focus here extends to news about Microsoft's security updates, advisories, breach incidents involving Microsoft products, as well as innovative security technologies released by the company. Staying informed on Microsoft-related security news helps users and administrators maintain robust defenses in a landscape where threats continually evolve to exploit any weaknesses in popular systems and services.
The zero-day vulnerability affects on-premises installations of all versions of Exchange Server 2016, 2019 and Subscription Edition.
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while targeting Outlook on the web users. [...]
Microsoft has disclosed a new security vulnerability impacting on-premises versions of Exchange Server that it said has come under active exploitation in the wild.