Steven Seeley's post and PoCs on the Exchange vulnerability, CVE-2020-16875, patched on Tuesday.
Much less serious than the initial MS advisory but still a solid vuln.
https://srcincite.io/advisories/src-2020-0019/
A Mastodon instance for info/cyber security-minded people.