We’re midway through Q2 and there’s lots of interesting news: major updates to Messageware’s Server Threat Guard (STG), the release of Microsoft’s Exchange Server SE HU6, Microsoft extended Exchange support for 2019 & 2016, and a new Exchange Server zero day security threat.
Before we dig into those details, I’d like to highlight Messageware Server Threat Guard’s significant expansion into server health with more visibility, smarter alerting, and deeper insights, in addition to its security monitoring.
We’d appreciate the opportunity to have you test STG and see its benefits. Try it for free, it has a simple install and you’ll wonder how you managed without it.
Best regards,
Mark Rotman
President and CEO Messageware Incorporated
In this newsletter:
- Microsoft Exchange Zero-Day Alert: Immediate Action Required
- Messageware Releases Server Threat Guard (STG) 2.8
- Messageware Product Updates AV, EPG
- STG: Get 60 Days of Security 100% Free
- Product Videos for STG and EPG
- Microsoft Announces Extended Support for Exchange 2019 & 2016
- Exchange Server Updates for May 2026
Microsoft Exchange Zero-Day Vulnerability: Immediate Action Required
Microsoft has confirmed active exploitation of a critical zero-day vulnerability (CVE-2026-42897) affecting all on-premises Exchange Server 2016, 2019, and Subscription Edition deployments. The flaw allows attackers to execute malicious code simply by sending a crafted email to users accessing Outlook Web Access (OWA), enabling session hijacking and data theft. While a permanent patch is still in development, organizations must immediately enable the Exchange Emergency Mitigation Service (EEMS) or apply the Exchange On-premises Mitigation Tool (EOMT) to protect their systems.
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42897
- https://www.cve.org/CVERecord?id=CVE-2026-42897
- https://techcommunity.microsoft.com/blog/exchange/addressing-exchange-server-may-2026-vulnerability-cve-2026-42897/4518498
Messageware Releases Server Threat Guard (STG) 2.8
STG’s latest release marks a significant expansion of its server health monitoring, now matching its extensive security features of the product. Server Threat Guard (STG) delivers real-time threat detection and continuous server health monitoring to identify genuine security and reliability issues as they happen.
- Get Protected with STG: Download STG
- Get the STG Product Sheet: Download (PDF)
- Watch an STG Overview: Video Overview
- Watch an STG Demo: STG Demo
Messageware Product Updates
New versions of Messageware AttachView, Messageware Exchange Protocol Guard (EPG), and Messageware Server Threat Guard (STG) are now available. All versions are fully compatible with Microsoft’s latest Exchange SE, 2019, and 2016 editions, including the new Exchange SE HU6 update.
Updates: https://www.messageware.com/support/
Versions: https://www.messageware.com/pdf/Compatibility-Matrix.pdf
NEW Product Videos: Server Threat Guard & Exchange Protocol Guard
If you haven’t yet seen Server Threat Guard (STG) or Exchange Protocol Guard (EPG) in action, check out our newly released product overview and demonstration videos.
STG Overview
STG Product Demonstration
EPG Overview
EPG Product Demonstration
Ready to see these solutions in action within your own environment? Request Trial
Microsoft Announces Second ESU Period for Exchange 2019 & 2016
If your organization is still running Exchange Server 2016 or 2019, Microsoft has announced one final extension of security coverage. Microsoft officially announced the Period 2 Extended Security Update (ESU) program, extending critical security coverage through October 2026.
Full story here: https://www.messageware.com/microsoft-extends-exchange-server-2016-2019-esu/
Microsoft Releases May Hotfix Update (HU6 KB5081755) for Exchange Server SE
Microsoft released its semi-annual update. The release contains no security fixes, but delivers a key functional change for hybrid environments allowing organizations to start switching away from Exchange Web Services (EWS) to REST-based Microsoft Graph API calls.
Read more here: https://www.messageware.com/microsoft-releases-may-2026-exchange-server-hotfix-update/
No Exchange Server Security Updates (SU) for May 2026
Microsoft has confirmed no May 2026 Exchange Server security update. Microsoft has noted that the zero-day patches currently delivered via EOMT will be integrated into a future SU.
Details: https://www.messageware.com/patch-tuesday-no-exchange-server-security-updates-for-may-2026/
Fortify Your Server with Messageware Security
Data breaches have increased by 72%, servers are compromised in under 90 minutes. Ensure you have multiple layers of security software protecting your Windows Servers.
Server Threat Guard (STG) for All Windows Servers: Next-gen server protection, providing detection, alerting, and response (MDR) to zero-day and server penetration cyber-attacks. No need to research complicated deployments and no learning curve to install and manage.
EPG Guard for Exchange Servers: Real-time security. Stop AD account lockouts, eliminate password attacks, intelligent GEO blocking, and prevent Exchange Server vulnerability probing.
Don’t leave your critical infrastructure vulnerable, be proactive and stay ahead of evolving threats.