Security Alert: Microsoft Releases June 2026 Security Updates
Actively exploited. At least one CVE in this advisory is listed in the CISA Known Exploited Vulnerabilities catalog — exploitation has been observed in the wild. Treat remediation as urgent.
JPCERT-AT-2026-0017
JPCERT/CC
2026-06-10
I. Overview
Microsoft has released June 2026 Security Updates to address the vulnerabilities in their products. Attackers leveraging these vulnerabilities may be able to execute arbitrary code remotely without authentication, etc.
Microsoft Corporation
June 2026 Security Updates
https://msrc.microsoft.com/update-guide/en-US/releaseNote/2026-Jun
Microsoft has announced that the following vulnerability, disclosed on May 14, has been exploited in the wild. Please refer to the latest information provided by Microsoft and implement the measures described in "II. Solution."
CVE-2026-42897
Microsoft Exchange Server Spoofing Vulnerability
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-42897
II. Solution
Please apply the security update programs through Microsoft Update, Windows Update, etc.
Microsoft Update Catalog
https://www.catalog.update.microsoft.com/
Windows Update: FAQ
https://support.microsoft.com/en-us/help/12373/windows-update-faq
III. References
Microsoft Corporation
Release Notes
https://msrc.microsoft.com/update-guide/
If you have any information regarding this alert, please contact JPCERT/CC.
JPCERT Coordination Center (Cyber Security Coordination Group)
MAIL: ew-info@jpcert.or.jp
https://www.jpcert.or.jp/english/
CSIRTS triage
- What
- A spoofing vulnerability allows attackers to execute arbitrary code remotely without authentication.
- Who is affected
- Users of Microsoft Exchange Server are affected.
- Urgency
- Remediation is urgent as the vulnerability has been exploited in the wild.
- Action
- Apply the security update programs through Microsoft Update.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Exchange Server
Get an email when a new Exchange Server advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://www.jpcert.or.jp/english/at/2026/at260017.html
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Exploitation confirmedCVE-2026-42897Already exploited in the wild (CISA KEV) — the prediction phase is over. Patch now. Riskier than 92% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-42897 | coverage & exploitation status | NVD · CVE.org |
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- critical[UPDATE] [critical] Microsoft Windows products: Multiple vulnerabilitiescert-bund
- unknownexploited[Update] Vulnerability in Microsoft Exchange Server (May 15, 2026)cert-fr-alerte
- criticalexploitedCVE-2026-42897: Microsoft Exchange Server Cross-Site Scripting Vulnerabilitycisa-kev
More from JPCERT/CC Security Alerts
- unknownSecurity Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-63)2026-06-10
- unknownSecurity Alert: [Updated] Alert Regarding Multiple Vulnerabilities in Trend Micro Products Including TrendAI A…2026-05-22
- unknownSecurity Alert: Microsoft Releases May 2026 Security Updates2026-05-13
- unknownSecurity Alert: Microsoft Releases April 2026 Security Updates2026-04-15
- unknownSecurity Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-44)2026-04-15