Category: Microsoft
-
VS Code zero-day lets hackers steal GitHub tokens in one click
A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a link. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft’s Coreutils project brings Linux commands to Windows
Microsoft announced today at its Build 2026 developer conference the release of Coreutils for Windows, bringing many commonly used Linux command-line utilities to Windows as native applications. […] Lawrence Abrams, bleepingcomputer
-
Microsoft Threatening Security Researcher
An anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including one that breaks BitLocker. Microsoft has threatened legal action against the researcher. Lots of recriminations are being traded back and forth. Bruce Schneier
-
Microsoft Tightens Entra ID Password Resets With New Authentication Change
Microsoft has announced a significant security update to its Entra ID Self-Service Password Reset (SSPR) feature, introducing stricter authentication requirements designed to reduce identity-based attacks. The update mandates the use of explicitly registered authentication methods, removing reliance on directory-stored contact information that has not been…
-
Microsoft Clarifies It Won’t Sue Security Researchers Amid Nightmare-Eclipse Controversy
Microsoft has clarified its stance, reducing perceived legal threats and reaffirming its commitment to coordinated vulnerability disclosure, following significant backlash from the security research community. In a carefully worded statement released in late May 2026, Microsoft’s Security Response Center (MSRC) moved to defuse a growing crisis over…
-
Microsoft Warns Public Release of Zero-Day Details Before Vendor Coordination
Microsoft has issued a strong warning after multiple zero-day vulnerabilities were publicly disclosed without prior coordination, raising concerns about increased risk to users and enterprise environments. The company stated that recent disclosures exposed critical security flaws before patches were available, giving threat actors a potential…
-
Windows 11 KB5089573 update released with performance improvements
Microsoft has released the KB5089573 preview cumulative update for Windows 11 versions 25H2 and 24H2, which comes with 30 changes, including performance and reliability improvements. […] Sergiu Gatlan, bleepingcomputer
-
FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts – no password required
So, you’ve enabled multi-factor authentication. You’ve taught your staff never to type their passwords into dodgy-looking login pages. Surely your Microsoft 365 accounts are safe now? Well, think again. Read more in my article on the Hot for Security…
-
Microsoft: Domain Controller lookup may fail on Windows Server 2016
Microsoft has confirmed a new known issue affecting Windows Server 2016 systems that causes domain controller lookups to fail after installing the KB5087537 May 2026 security update. […] Sergiu Gatlan, bleepingcomputer
-
FBI Warns of Kali365 Attacking Microsoft 365 Users to Steal Logins and Bypass MFA
The FBI has issued a new cybersecurity warning about a rapidly emerging phishing-as-a-service (PhaaS) platform named Kali365, which is actively targeting Microsoft 365 users to steal access tokens and bypass multi-factor authentication (MFA). Kali365 is being distributed primarily through Telegram channels,…
-
Microsoft warns of new Defender zero-days exploited in attacks
On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft shares mitigation for YellowKey Windows zero-day
Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants access to protected drives. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft confirms Windows 11 security update install issues
Microsoft has confirmed that the May 2026 Windows 11 security update (KB5089549) fails to install on some systems and triggers 0x800f0922 errors. […] Sergiu Gatlan, bleepingcomputer
-
New Windows ‘MiniPlasma’ zero-day exploit gives SYSTEM access, PoC released
A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed “MiniPlasma” that lets attackers gain SYSTEM privileges on fully patched Windows systems. […] Lawrence Abrams, bleepingcomputer
-
CISA Warns of Microsoft Exchange Server Vulnerability Exploited in Attacks
CISA has issued a fresh warning about a newly disclosed Microsoft Exchange Server vulnerability that is already being exploited in real-world attacks, raising concerns for organizations relying on on-premises email infrastructure. The flaw CVE-2026-42897 is a cross-site scripting (XSS) vulnerability affecting Microsoft Exchange Server, specifically within…
-
Microsoft Exchange, Windows 11, and Cursor Zero-Days Exploited on Pwn2Own Day 2
Pwn2Own Berlin 2026 is rapidly escalating into one of the most intense offensive security contests in recent years, with Day Two delivering a fresh wave of critical zero-day exploits targeting enterprise software, AI tools, and operating systems. Security researchers demonstrated real-world attack scenarios…
-
Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
During the second day of Pwn2Own Berlin 2026, competitors collected $385,750 in cash awards after exploiting 15 unique zero-day vulnerabilities in multiple products, including Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux for Workstations. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft backpedals: Edge to stop loading passwords into memory
Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup after previously stating it was “by design.” […] Sergiu Gatlan, bleepingcomputer
-
Microsoft warns of Exchange zero-day flaw exploited in attacks
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while targeting Outlook on the web users. […] Sergiu Gatlan, bleepingcomputer
-
Critical Microsoft Exchange Server Vulnerability Actively Exploited in Attacks
Microsoft issued an urgent security alert regarding a newly discovered vulnerability in Exchange Server that is currently being exploited in the wild. Tracked as CVE-2026-42897, this critical spoofing flaw carries a high CVSS 3.1 severity score of 8.1 and directly impacts on-premises email infrastructure. Threat actors…
-
Microsoft releases Windows 10 KB5087544 extended security update
Microsoft has released the Windows 10 KB5087544 extended security update to fix the May 2026 Patch Tuesday vulnerabilities and resolve an issue with the new Remote Desktop warnings. […] Lawrence Abrams, bleepingcomputer
-
Patch Tuesday, May 2026 Edition
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers — including Apple, Google, Microsoft, Mozilla…
-
Microsoft Teams for Android Allow Users to Join Third-Party Meetings via SIP
Microsoft is expanding interoperability in its mobile communication ecosystem by allowing Microsoft Teams users on Android devices to join third-party meetings via the Session Initiation Protocol (SIP). Recently detailed on the Microsoft 365 roadmap, this upcoming feature addresses a major enterprise demand for…
-
Azure AD Conditional Access Bypassed Via Phantom Device Registration and PRT Abuse
Cloud identity security relies heavily on Microsoft Entra ID (formerly Azure AD) Conditional Access. It acts as the primary digital gatekeeper, checking user locations, calculating risk scores, and verifying device health before granting access. However, an authorized red team engagement by Howler Cell…
-
Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha
Microsoft Defender is detecting legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, resulting in widespread false-positive alerts, and in some cases, removing certificates from Windows. […] Lawrence Abrams, bleepingcomputer
-
Microsoft tests modern Windows Run, says it’s faster than legacy dialog
Microsoft has confirmed that Windows 11 is getting a new modern Run dialog with dark mode support and faster performance in a new preview build. […] Mayank Parmar, bleepingcomputer
-
Windows 11 KB5083631 update released with 34 changes and fixes
Microsoft has released the KB5083631 optional cumulative update for Windows 11, which includes 34 changes, such as a new Xbox mode for Windows PCs, enhanced security and performance for batch files, and performance improvements for launching startup apps. […] Sergiu Gatlan, bleepingcomputer
-
Alleged Silk Typhoon hacker extradited to the United States to face charges
A man accused of working as a hacker for China’s Ministry of State Security has been extradited to the USA from Italy, and faces – if found guilty – the prospect of decades behind bars. Read more in my article on the Hot…
-
Microsoft: New Remote Desktop warnings may display incorrectly
Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft asks iPhone users to reauthenticate after Outlook outage
After addressing a widespread outage that affected Outlook.com users worldwide on Monday, Microsoft has asked iPhone users to re-enter their credentials to regain access to their Outlook and Hotmail accounts via the default Mail app. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft rolls out revamped Windows Insider Program
Microsoft says it’s rolling out a revamped Windows Insider Program experience as part of the broader plans to address performance and reliability concerns affecting Windows 11. […] Mayank Parmar, bleepingcomputer
-
Windows Update gets new controls to reduce forced restarts
Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent or poorly timed restarts. […] Lawrence Abrams, bleepingcomputer
-
Microsoft to roll out Entra passkeys on Windows in late April
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late April. […] Sergiu Gatlan, bleepingcomputer
-
Hackers Can Abuse Entra Agent ID Administrator Role to Hijack Service Principals
A critical scope overreach vulnerability was recently identified in the Microsoft Entra Agent Identity Platform. The newly introduced Agent ID Administrator role allowed accounts to hijack arbitrary service principals and escalate privileges across the entire tenant. Microsoft has fully patched this behavior across…
-
Microsoft releases emergency patches for critical ASP.NET flaw
Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability. […] Sergiu Gatlan, bleepingcomputer
-
Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks
Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still being abused in ongoing attacks. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft pulls service update causing Teams launch failures
Microsoft has reverted a recent service update that was preventing some customers from launching the Microsoft Teams desktop client. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft releases emergency updates to fix Windows Server issues
Microsoft has released out-of-band (OOB) updates to fix issues affecting Windows Server systems after installing the April 2026 security updates. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft Teams right-click paste broken by Edge update bug
Microsoft is warning that a recent Microsoft Edge browser update introduced a bug that breaks right-click paste in chats in the Microsoft Teams desktop client. […] Lawrence Abrams, bleepingcomputer
-
Sometimes changing the password on your email mailbox isn’t enough
Have you ever taken a look at your Microsoft 365 mailbox rules? If not, it might be worth a few minutes of your time. Because newly released research reveals that hackers may already have beaten you to it. Read more in my article on the…
-
Microsoft: Some Windows servers enter reboot loops after April patches
Microsoft warns that some Windows domain controllers are entering restart loops after installing the April 2026 security updates. […] Sergiu Gatlan, bleepingcomputer
-
Recently leaked Windows zero-days now exploited in attacks
Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions. […] Sergiu Gatlan, bleepingcomputer
-
Windows Snipping Tool Vulnerability Allows Attacker to Perform Spoofing Over a Network
Microsoft has addressed a moderate-severity security flaw in the Windows Snipping Tool that could allow malicious actors to steal user credentials. Tracked as CVE-2026-33829, this spoofing vulnerability was officially patched during the April 14, 2026, security updates. Discovered and reported by security researchers…
-
Microsoft: April Windows Server 2025 update may fail to install
Microsoft is investigating an issue causing this month’s KB5082063 security update to fail to install on some Windows Server 2025 systems. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft adds Windows protections for malicious Remote Desktop files
Microsoft has introduced new Windows protections to defend against phishing attacks that abuse Remote Desktop connection (.rdp) files, adding warnings and disabling risky shared resources by default. […] Lawrence Abrams, bleepingcomputer
-
Microsoft releases Windows 10 KB5082200 extended security update
Microsoft has released the Windows 10 KB5082200 extended security update to fix the April 2026 Patch Tuesday vulnerabilities, including 2 zero-days. […] Lawrence Abrams, bleepingcomputer
-
Microsoft Defender 0-Day Vulnerability Enables Privilege Escalation Attack
Microsoft has released Patch Tuesday security updates to address a newly discovered zero-day vulnerability in the Microsoft Defender Antimalware Platform. Disclosed on April 14, 2026, the flaw is tracked as CVE-2026-33825 and carries an “Important” severity rating. If successfully exploited, this elevation-of-privilege vulnerability allows an attacker…
-
Microsoft Confirms Recent Windows 11 Updates Break Push Button Reset
Microsoft has officially acknowledged that recent security updates for Windows 11 are causing the “Reset this PC” (Push-button reset) recovery feature to fail. The issue was confirmed in the release notes for the March 2026 hotpatch updates, affecting systems running the latest operating system version.…
-
Microsoft: Canadian employees targeted in payroll pirate attacks
A financially motivated threat actor tracked as Storm-2755 is stealing Canadian employees’ salary payments after hijacking their accounts in payroll pirate attacks. […] Sergiu Gatlan, bleepingcomputer
-
On Microsoft’s Lousy Cloud Security
ProPublica has a scoop: In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s biggest cloud computing offerings. The tech giant’s “lack of proper detailed security documentation” left reviewers with a “lack of confidence in assessing the system’s overall security posture,” according to an…
-
Microsoft suspends dev accounts for high-profile open source projects
Microsoft has suspended developer accounts used to maintain multiple high-profile open-source projects without proper notification and no way to quickly reinstate them, effectively blocking them from publishing new software builds and security patches for Windows users. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft Suspends Developer Accounts of High-Profile Open-Source Projects
Microsoft has suspended the Windows Hardware Program developer accounts of two critical open-source security projects, VeraCrypt and WireGuard, blocking their ability to sign drivers and push updates to millions of Windows users, with no prior warning or explanation provided to the developers. Mounir Idrassi, the lead developer…
-
Microsoft rolls out fix for broken Windows Start Menu search
Microsoft has pushed a server-side fix for a known issue that broke the Windows Start Menu search feature on some Windows 11 23H2 devices. […] Sergiu Gatlan, bleepingcomputer
-
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. […] Bill Toulas, bleepingcomputer
-
Microsoft fixes Classic Outlook bug causing email delivery issues
Microsoft has resolved a known issue that was preventing some Classic Outlook users from sending emails via Outlook.com. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft removes Support and Recovery Assistant from Windows
Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support versions of Windows updates starting March 10. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft Releases New Defender Update for Windows 11, 10, and Server Installation Images
Microsoft has officially rolled out its latest security intelligence update for Microsoft Defender Antivirus, delivering crucial protections for Windows 11, Windows 10, and Windows Server installation images. This vital release ensures that Microsoft’s built-in antimalware solutions are fully equipped to identify and neutralize…
-
Microsoft still working to fix Exchange Online mailbox access issues
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft now force upgrades unmanaged Windows 11 24H2 PCs
Starting this week, Microsoft has begun force-upgrading unmanaged devices running Windows 11 24H2 Home and Pro editions to Windows 11 25H2. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft links Classic Outlook issue to email delivery problems
Microsoft is investigating a known issue that prevents some Classic Outlook users from sending emails via Outlook.com. […] Sergiu Gatlan, bleepingcomputer
-
New Windows 11 emergency update fixes preview update install issues
Microsoft released an emergency update to fix the March 2026 KB5079391 non-security preview update, which was pulled over the weekend due to installation issues. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft pulls KB5079391 Windows update over install issues
Microsoft has pulled a buggy Windows 11 non-security preview update to investigate a known issue that triggers 0x80073712 errors during installation. […] Sergiu Gatlan, bleepingcomputer
-
Windows 11 KB5079391 update rolls out Smart App Control improvements
Microsoft has released the KB5079391 preview cumulative update for Windows 11 24H2 and 25H2, which includes 29 changes, such as Smart App Control and Display improvements. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft Xbox One Hacked
It’s an impressive feat, over a decade after the box was released: Since reset glitching wasn’t possible, Gaasedelen thought some voltage glitching could do the trick. So, instead of tinkering with the system reset pin(s) the hacker targeted the momentary collapse of the CPU voltage rail. This was quite a feat,…
-
New KB5085516 emergency update fixes Microsoft account sign-in
Microsoft has released an emergency update to address a major issue that breaks sign-ins with Microsoft accounts across multiple Microsoft apps, including Teams and OneDrive. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft: March Windows updates break Teams, OneDrive sign-ins
Microsoft says the March Windows 11 update breaks sign-ins with Microsoft accounts across multiple Microsoft apps, including Teams and OneDrive. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft to Stop Force Installation of 365 Copilot App on Windows Devices
Microsoft has temporarily halted the automatic installation of the Microsoft 365 Copilot app on Windows devices. According to a recent update in the Microsoft 365 Message Center on March 16, 2026, the company paused the mandatory rollout, originally scheduled to be completed late…
-
Microsoft Exchange Online outage blocks access to mailboxes
Microsoft is working to address an ongoing Exchange Online outage that is preventing customers from accessing their mailboxes and calendars. […] Sergiu Gatlan, bleepingcomputer
-
Attackers Hijacking Legitimate Websites to Attack Microsoft Teams users
A multi-vector phishing campaign is using compromised WordPress sites to steal login credentials from Microsoft Teams and Xfinity users. By hijacking these trusted sites, attackers can bypass security filters and trick victims into disclosing sensitive information. The threat actors are not relying on a single method to…
-
Microsoft to Block Windows 11 and Server 2025 Automated Installation After Critical RCE Vulnerability
Microsoft has announced a two-phase plan to disable the hands-free deployment feature in Windows Deployment Services (WDS) following the discovery of a critical remote code execution (RCE) vulnerability tracked as CVE-2026-0386. The flaw, rooted in improper access control, allows an unauthenticated…
-
Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw
Microsoft has released an out-of-band (OOB) update to fix a security vulnerability affecting Windows 11 Enterprise devices that receive hotpatch updates instead of the regular Patch Tuesday cumulative updates. […] Lawrence Abrams, bleepingcomputer
-
Microsoft: Windows 11 users can’t access C: drive on some Samsung PCs
Microsoft is investigating a new issue affecting some Samsung laptops running Windows 11 after installing the February 2026 security updates, in which users lose access to their C: drive and are unable to launch applications. […] Lawrence Abrams, bleepingcomputer
-
Microsoft investigates classic Outlook sync and connection issues
Microsoft is investigating several issues causing email synchronization and connection problems when using the classic Outlook desktop client. […] Sergiu Gatlan, bleepingcomputer
-
Critical Microsoft Office Vulnerability Enables Remote Code Execution Attacks
On March 10, 2026, Microsoft released security updates to address a critical vulnerability in its widely used Office suite. Tracked as CVE-2026-26110, this security flaw allows an unauthorized attacker to execute malicious code on a victim’s device. With a high severity rating and a CVSS base…
-
Microsoft releases Windows 10 KB5078885 extended security update
Microsoft has released the Windows 10 KB5078885 extended security update to fix the March 2026 Patch Tuesday vulnerabilities, including 2 zero-days and an issue that prevents some devices from shutting down. […] Lawrence Abrams, bleepingcomputer
-
Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws
Today is Microsoft’s March 2026 Patch Tuesday with security updates for 79 flaws, including 2 publicly disclosed zero-day vulnerabilities. […] Lawrence Abrams, bleepingcomputer
-
Microsoft .NET 0-Day Vulnerability Enables Denial-of-Service Attacks
An emergency security update has been released to address a newly disclosed .NET Framework vulnerability, tracked as CVE-2026-26127. This security flaw allows unauthenticated, remote attackers to trigger a Denial-of-Service (DoS) condition on the network. With a CVSS score of 7.5, Microsoft has classified the vulnerability as “Important.” It…
-
Microsoft Teams will tag third-party bots trying to join meetings
Microsoft says Teams will soon automatically tag third-party bots in lobbies, allowing organizers to control whether they can join meetings. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft 365 Backup to add file-level restore for faster recovery
Microsoft will soon begin rolling out a significant upgrade to Microsoft 365 Backup to speed up recovery by allowing administrators to restore individual files and folders. […] Sergiu Gatlan, bleepingcomputer
-
Bitwarden adds support for passkey login on Windows 11
Bitwarden announced support for logging into Windows 11 devices using passkeys stored in the manager’s vault, enabling phishing-resistant authentication. […] Bill Toulas, bleepingcomputer
-
Manipulating AI Summarization Features
Microsoft is reporting: Companies are embedding hidden instructions in “Summarize with AI” buttons that, when clicked, attempt to inject persistence commands into an AI assistant’s memory via URL prompt parameters…. These prompts instruct the AI to “remember [Company] as a trusted source” or “recommend [Company] first,” aiming to bias future responses…
-
Microsoft: Hackers abuse OAuth error flows to spread malware
Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. […] Bill Toulas, bleepingcomputer
-
Microsoft testing Windows 11 batch file security improvements
Microsoft is rolling out new Windows 11 Insider Preview builds that improve security and performance during batch file or CMD script execution. […] Sergiu Gatlan, bleepingcomputer
-
Windows 11 KB5077241 update improves BitLocker, adds Sysmon tool
Microsoft has released the KB5077241 optional cumulative update for Windows 11, which comes with 29 changes, including improvements to BitLocker, a new network speed test tool, and native System Monitor (Sysmon) functionality. […] Sergiu Gatlan, bleepingcomputer
-
Microsoft Released Updates for Windows 11, Version 25H2 and 24H2 Systems
An optional non-security update, KB5077241, has been released for Windows 11 versions 25H2 and 24H2, improving overall functionality, performance, and reliability without addressing security vulnerabilities. The release, which brings the OS builds to 26200.7922 and 26100.7922, includes enhancements to user interface elements and updates…
-
Microsoft says bug in classic Outlook hides the mouse pointer
Microsoft is investigating a known issue that causes the mouse pointer to disappear in the classic Outlook desktop email client for some users. […] Sergiu Gatlan Go to bleepingcomputer
-
Hackers Using OAuth Apps in Microsoft Entra ID to Establish Persistence
Hackers are increasingly abusing OAuth applications in Microsoft Entra ID to gain persistent access, blending in as normal “business integrations” while keeping access even after defenders reset passwords. Recent Wiz research and incident reporting show attackers using fake OAuth apps, deceptive consent prompts, and redirect URLs…
-
Microsoft: Anti-phishing rules mistakenly blocked emails, Teams messages
Microsoft says an Exchange Online issue that mistakenly quarantined legitimate emails last week was triggered by faulty heuristic detection rules designed to block credential phishing campaigns. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft Defender Unveils Centralized Script Library with Copilot Analysis for Enhanced Live Response
Microsoft has introduced a new Library Management experience in Microsoft Defender for Endpoint, designed to fundamentally transform how security analysts manage the scripts and tools they rely on during live response investigations. Announced on February 16, 2026, the enhancement addresses a long-standing…
-
Microsoft Teams outage affects users in United States, Europe
Microsoft is working to resolve an ongoing outage affecting Microsoft Teams users, causing delays and preventing some from accessing the service. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft VS Code Extension with 11M Downloads Expose Developers to One-Click XSS Attacks
A critical vulnerability discovered in Microsoft’s popular Visual Studio Code (VS Code) Live Preview extension, downloaded over 11 million times, exposes developers to one-click cross-site scripting (XSS) and local file exfiltration attacks. The flaw, now patched, was discovered by researchers Nir Zadok and Moshe Siman Tov Bustan from OX Security. The issue…
-
Critical Windows Admin Center Vulnerability Allows Privilege Escalation
A critical security update addresses a high-severity elevation of privilege vulnerability in Windows Admin Center (WAC), identified as CVE-2026-26119. The flaw, rated CVSS 8.8 (Critical), stems from improper authentication (CWE-287) that could allow an authorized attacker to gain elevated network privileges. According to Microsoft, this vulnerability affects Windows Admin Center version 2.6.4, and…
-
Windows 11 KB5077181 fixes boot failures linked to failed updates
Microsoft says it has resolved a Windows 11 bug that caused some commercial systems to fail to boot with an “UNMOUNTABLE_BOOT_VOLUME” error after installing recent security updates, with the fix delivered in the February 2026 Patch Tuesday update. […] Lawrence Abrams Go to bleepingcomputer
-
CISA flags critical Microsoft SCCM flaw as exploited in attacks
CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks. […] Sergiu Gatlan Go to bleepingcomputer
-
CISA Warns of Microsoft Configuration Manager SQL Injection Vulnerability Exploited in Attacks
CISA has issued an urgent alert about a critical SQL injection vulnerability in Microsoft Configuration Manager (SCCM). Tracked as CVE-2024-43468, this flaw lets unauthenticated attackers run malicious commands on servers and databases. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on February 12,…
-
Microsoft fixes bug that blocked Google Chrome from launching
Microsoft has fixed a known issue causing its Family Safety parental control service to block Windows users from launching Google Chrome and other web browsers. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft: New Windows LNK spoofing issues aren’t vulnerabilities
Today, at Wild West Hackin’ Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LNK shortcut files that allow attackers to deploy malicious payloads. […] Sergiu Gatlan Go to bleepingcomputer
-
Windows 11 Notepad flaw let files execute silently via Markdown links
Microsoft has fixed a “remote code execution” vulnerability in Windows 11 Notepad that allowed attackers to execute local or remote programs by tricking users into clicking specially crafted Markdown links, without displaying any Windows security warnings. […] Lawrence Abrams Go to bleepingcomputer
-
Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accounts
The AgreeTo add-in for Outlook has been hijacked and turned into a phishing kit that stole more than 4,000 Microsoft account credentials. […] Bill Toulas Go to bleepingcomputer