Microsoft is retiring Exchange Web Services in Exchange Online, with phased disablement beginning in October 2026 and full retirement in April 2027. It is replacing it with the Microsoft Graph API, the unified endpoint for accessing Microsoft 365 services. To prepare for this transition, you can now use the EWSAllowedAppIDs parameter to restrict access by application identifier. This article explains how to inventory your current dependencies and configure the new allow list to prevent service disruptions.

Source

La vulnérabilité CVE-2026-42897 affecte Exchange Server 2016, 2019 et SE. Découvrez les mesures d'urgence pour atténuer la menace sans patch officiel.

Le post Exchange Server – CVE-2026-42897 : cette faille zero-day est déjà exploitée ! a été publié sur IT-Connect.