
Late Wednesday, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) warned about a recently found vulnerability in hybrid Microsoft Exchange deployments. The flaw could allow attackers to move from the on-premises version of the product to its cloud equivalent and potentially seize control of the whole system.
Identified as CVE-2025-53786, the vulnerability could enable an attacker who already has administrative access to the on-premises Exchange server to escalate their privileges by exploiting weak hybrid-joined configurations, according to CISA's alert.

Microsoft has not yet seen any indications that hackers are actively exploiting this vulnerability, according to the CISA alert. A CISA employee, who asked to remain anonymous in order to offer an honest assessment, confirmed that the agency has likewise seen no evidence of exploitation.
Microsoft released the April 2025 Exchange Server hotfix updates, which CISA has urged users running on-premises Exchange servers to download immediately. The agency also advised businesses to remove any internet-connected instances of SharePoint Server and Microsoft Exchange Server that have reached their end-of-life date.
In response, Microsoft revealed plans to temporarily restrict Exchange Web Services traffic via the company's shared service principal. The company has also urged its customers to switch to the Exchange Hybrid app, which Microsoft characterizes as enabling a rich coexistence between its cloud and on-premises products, so that users can check calendar status, post profile images, and use other connected tools. Earlier in April, Microsoft advised customers of the need for this migration. Wednesday's announcement is expected to speed up that transition.
“All companies are strongly urged to follow Microsoft instructions to lower risk,” said Chris Butera, the acting executive assistant director for cybersecurity at CISA. He cited the cooperation between Microsoft and CISA in addressing this vulnerability as another example of the kind of operational partnership that is securing the country's essential infrastructure.