A security vulnerability in Exchange Online allows email sender spoofing under certain conditions, facilitating phishing and social engineering attacks.
ACROS Security has released a 0patch micropatch for a spoofing vulnerability in Windows Shell that can be exploited via links; Microsoft patched the flaw in March 2026, and the micropatch enables rapid remediation without a restart.