What is it?
On 06 Aug 2025, Microsoft disclosed a vulnerability in Microsoft Exchange Server which allows an administrator of a local Exchange Server to elevate their priviledges and gain access to other users’ Exchange Online cloud accounts.
Why is it a risk?
Although there are no known exploits of this vulnerability as of 07 Aug 2025, he Cybersecurity & Infrastructure Security Agency (CISA) has designated this as a “High Severity” Vulnerability (link below) and Microsoft has labelled it as “Exploitation More Likely”.
How can you mitigate the risk?
Patch your Microsoft Exchange Server to the latest version.
CISA has issued an Emergency Directive (link below) which includes mitigation steps.
There is a link below to the “Microsoft Exchange Health Checker” that will assist you.
Resources:
CISA Security Alert
CISA Emergency Directive
https://www.cisa.gov/news-events/directives/ed-25-02-mitigate-microsoft-exchange-vulnerability
Microsoft Exchange Health Checker
https://microsoft.github.io/CSS-Exchange/Diagnostics/HealthChecker/
