Category: Microsoft

Microsoft: Hackers target universities in “payroll pirate” attacks

Microsoft: Hackers target universities in “payroll pirate” attacks A cybercrime gang tracked as Storm-2657 has been targeting university employees in the United States to hijack salary payments in “pirate payroll” attacks since March 2025. […] Sergiu Gatlan Go to bleepingcomputer

October 10, 2025
Microsoft Defender mistakenly flags SQL Server as end-of-life

Microsoft Defender mistakenly flags SQL Server as end-of-life Microsoft is working to resolve a known issue that causes its Defender for Endpoint enterprise endpoint security platform to incorrectly tag SQL Server software as end-of-life. […] Sergiu Gatlan Go to bleepingcomputer

October 10, 2025
Microsoft 365 outage blocks access to Teams, Exchange Online

Microsoft 365 outage blocks access to Teams, Exchange Online Microsoft is working to resolve an ongoing outage preventing users from accessing Microsoft 365 services, including Microsoft Teams, Exchange Online, and the admin center. […] Sergiu Gatlan Go to bleepingcomputer

October 9, 2025
Microsoft enables Exchange Online auto-archiving by default

Microsoft enables Exchange Online auto-archiving by default Microsoft is enabling threshold-based auto-archiving by default in Exchange Online to prevent email flow issues caused by mailboxes filling up faster than expected. […] Sergiu Gatlan Go to bleepingcomputer

October 9, 2025
Microsoft 365 Outage Blocks Access to Teams, Exchange Online, and Admin Center – Updated

Microsoft 365 Outage Blocks Access to Teams, Exchange Online, and Admin Center – Updated A significant Microsoft 365 outage blocked user access to several critical services, including Microsoft Teams, Exchange Online, and the Microsoft 365 admin center. The incident began late on Wednesday, October 8, 2025, leaving organizations worldwide unable to utilize essential communication and…

October 9, 2025
Microsoft: Critical GoAnywhere bug exploited in ransomware attacks

Microsoft: Critical GoAnywhere bug exploited in ransomware attacks A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware attacks for nearly a month. […] Sergiu Gatlan Go to bleepingcomputer

October 7, 2025
Microsoft: Running multiple Office apps causes Copilot issues

Microsoft: Running multiple Office apps causes Copilot issues Microsoft is investigating a bug that causes Copilot issues when multiple Office apps are running simultaneously on the same system. […] Sergiu Gatlan Go to bleepingcomputer

October 7, 2025
Microsoft Outlook stops displaying inline SVG images used in attacks

Microsoft Outlook stops displaying inline SVG images used in attacks Microsoft says Outlook for Web and the new Outlook for Windows will no longer display risky inline SVG images that are being used in attacks. […] Sergiu Gatlan Go to bleepingcomputer

October 3, 2025
Microsoft Defender bug triggers erroneous BIOS update alerts

Microsoft Defender bug triggers erroneous BIOS update alerts Microsoft is working to resolve a bug that causes Defender for Endpoint to incorrectly tag some devices’ BIOS (Basic Input/Output System) firmware as outdated, prompting users to update it. […] Sergiu Gatlan Go to bleepingcomputer

October 3, 2025
New bug in classic Outlook can only be fixed via Microsoft support

New bug in classic Outlook can only be fixed via Microsoft support Microsoft is investigating a known issue that causes the classic Outlook email client to crash upon launch, which can only be resolved via Exchange Online support. […] Sergiu Gatlan Go to bleepingcomputer

October 2, 2025
Windows 11 2025 Update (25H2) is now available, Here’s what’s new

Windows 11 2025 Update (25H2) is now available, Here’s what’s new Today, Microsoft announced the release of Windows 11 25H2, also known as Windows 11 2025 Update. […] Mayank Parmar Go to bleepingcomputer

October 1, 2025
Microsoft’s new AI feature will organize your photos automatically

Microsoft’s new AI feature will organize your photos automatically Microsoft has begun testing a new AI-powered feature in Microsoft Photos, designed to categorize photos automatically on Windows 11 systems. […] Sergiu Gatlan Go to bleepingcomputer

September 27, 2025
Microsoft shares temp fix for Outlook encrypted email errors

Microsoft shares temp fix for Outlook encrypted email errors Microsoft is investigating a known issue that triggers Outlook errors when opening encrypted emails sent from other organizations. […] Sergiu Gatlan Go to bleepingcomputer

September 27, 2025
Microsoft Edge to block malicious sideloaded extensions

Microsoft Edge to block malicious sideloaded extensions Microsoft is planning to introduce a new Edge security feature that will protect users against malicious extensions sideloaded into the web browser. […] Sergiu Gatlan Go to bleepingcomputer

September 27, 2025
Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an…

September 25, 2025
Microsoft lifts Windows 11 update block after face detection fix

Microsoft lifts Windows 11 update block after face detection fix Microsoft has removed a compatibility hold that prevented devices with integrated cameras from installing Windows 11 24H2 due to a face detection bug causing app freezes. […] Sergiu Gatlan Go to bleepingcomputer

September 23, 2025
Microsoft starts rolling out Gaming Copilot on Windows 11 PCs

Microsoft starts rolling out Gaming Copilot on Windows 11 PCs Microsoft has begun rolling out the beta version of its AI-powered Gaming Copilot to Windows 11 systems for users aged 18 or older, excluding those in mainland China. […] Sergiu Gatlan Go to bleepingcomputer

September 20, 2025
Notepad gets free AI features on Copilot+ PCs with Windows 11

Notepad gets free AI features on Copilot+ PCs with Windows 11 Microsoft is adding free AI-powered text writing capabilities to Notepad for customers with Copilot+ PCs running Windows 11. […] Sergiu Gatlan Go to bleepingcomputer

September 19, 2025
Microsoft rolls out Copilot Chat to Microsoft 365 Office apps

Microsoft rolls out Copilot Chat to Microsoft 365 Office apps Microsoft is rolling out Copilot Chat to Word, Excel, PowerPoint, Outlook, and OneNote for paying Microsoft 365 business customers. […] Sergiu Gatlan Go to bleepingcomputer

September 17, 2025
Microsoft: WMIC will be removed after Windows 11 25H2 upgrade

Microsoft: WMIC will be removed after Windows 11 25H2 upgrade Microsoft has announced that the Windows Management Instrumentation Command-line (WMIC) tool will be removed after upgrading to Windows 11 25H2 and later. […] Sergiu Gatlan Go to bleepingcomputer

September 17, 2025
Microsoft Still Uses RC4

Microsoft Still Uses RC4 Senator Ron Wyden has asked the Federal Trade Commission to investigate Microsoft over its continued use of the RC4 encryption algorithm. The letter talks about a hacker technique called Kerberoasting, that exploits the Kerberos authentication system. Bruce Schneier Go to bruce schneier

September 17, 2025
Microsoft: Exchange 2016 and 2019 reach end of support in 30 days

Microsoft: Exchange 2016 and 2019 reach end of support in 30 days Microsoft has reminded administrators again that Exchange 2016 and Exchange 2019 will reach the end of extended support next month and has provided guidance for decommissioning outdated servers. […] Sergiu Gatlan Go to bleepingcomputer

September 16, 2025
Microsoft reminds of Windows 10 support ending in 30 days

Microsoft reminds of Windows 10 support ending in 30 days On Friday, Microsoft reminded customers once again that Windows 10 will reach its end of support in 30 days, on October 14. […] Sergiu Gatlan Go to bleepingcomputer

September 15, 2025
Windows 11 23H2 Home and Pro reach end of support in 60 days

Windows 11 23H2 Home and Pro reach end of support in 60 days Microsoft has reminded customers today that devices running Home and Pro editions of Windows 11 23H2 will stop receiving updates in November. […] Sergiu Gatlan Go to bleepingcomputer

September 13, 2025
Microsoft fixes Exchange Online outage affecting users worldwide

Microsoft fixes Exchange Online outage affecting users worldwide Microsoft says that it has mitigated an Exchange Online outage affecting customers worldwide, which blocked their access to emails and calendars. […] Sergiu Gatlan Go to bleepingcomputer

September 12, 2025
U.S. Senator accuses Microsoft of “gross cybersecurity negligence”

U.S. Senator accuses Microsoft of “gross cybersecurity negligence” U.S. Senator Ron Wyden has sent a letter to the Federal Trade Commission (FTC) requesting the agency to investigate Microsoft for failing to provide adequate security in its products, which led to ransomware attacks against healthcare organizations. […] Bill Toulas Go to bleepingcomputer

September 12, 2025
Microsoft To Depreciate VBScript In Windows Warns Developers To Adapt Their Projects

Microsoft To Depreciate VBScript In Windows Warns Developers To Adapt Their Projects Microsoft has officially announced a multi-phase plan to deprecate VBScript in Windows, a move that signals a significant shift for developers, particularly those working with Visual Basic for Applications (VBA). The change, first detailed in May 2024, will gradually phase out the legacy…

September 12, 2025
Microsoft waives fees for Windows devs publishing to Microsoft Store

Microsoft waives fees for Windows devs publishing to Microsoft Store Microsoft announced that, starting today, individual Windows developers will no longer have to pay for publishing their applications on the Microsoft Store. […] Sergiu Gatlan Go to bleepingcomputer

September 11, 2025
September Patch Tuesday handles 81 CVEs

September Patch Tuesday handles 81 CVEs The last round of fixes before Win 10’s final shout touches 15 product families, including Xbox Angela Gunn Go to sophos

September 11, 2025
Microsoft September 2025 Patch Tuesday fixes 81 flaws, two zero-days

Microsoft September 2025 Patch Tuesday fixes 81 flaws, two zero-days Today is Microsoft’s September 2025 Patch Tuesday, which includes security updates for 81 flaws, including two publicly disclosed zero-day vulnerabilities. […] Lawrence Abrams Go to bleepingcomputer

September 10, 2025
Windows 11 KB5065426 & KB5065431 cumulative updates released

Windows 11 KB5065426 & KB5065431 cumulative updates released Microsoft has released Windows 11 KB5065426 and KB5065431 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. […] Mayank Parmar Go to bleepingcomputer

September 10, 2025
Critical Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code

Critical Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code Microsoft has released patches for two significant vulnerabilities in Microsoft Office that could allow attackers to execute malicious code on affected systems. The flaws, tracked as CVE-2025-54910 and CVE-2025-54906, were disclosed on September 9, 2025, and affect various versions of the popular productivity suite. While Microsoft…

September 10, 2025
Microsoft Patch Tuesday, September 2025 Edition

Microsoft Patch Tuesday, September 2025 Edition Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known “zero-day” or actively exploited vulnerabilities in this month’s bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft’s most-dire “critical” label. Meanwhile, both…

September 10, 2025
Microsoft now enforces MFA on Azure Portal sign-ins for all tenants

Microsoft now enforces MFA on Azure Portal sign-ins for all tenants Microsoft says it has been enforcing multifactor authentication (MFA) for Azure Portal sign-ins across all tenants since March 2025. […] Sergiu Gatlan Go to bleepingcomputer

September 6, 2025
Microsoft gives US students a free year of Microsoft 365 Personal

Microsoft gives US students a free year of Microsoft 365 Personal Microsoft announced that starting this Thursday, all college students in the United States can get a free year of Microsoft 365 Personal. […] Sergiu Gatlan Go to bleepingcomputer

September 6, 2025
Windows 11 KB5064081 update clears up CPU usage metrics in Task Manager

Windows 11 KB5064081 update clears up CPU usage metrics in Task Manager Microsoft has released the KB5064081 preview cumulative update for Windows 11 24H2, which includes thirty-six new features or changes, with many gradually rolling out. These updates include new Recall features and a new way of displaying CPU usage in Task Manager. […] Lawrence…

August 30, 2025
Microsoft fixes bug behind Windows certificate enrollment errors

Microsoft fixes bug behind Windows certificate enrollment errors Microsoft has resolved a known issue causing false CertificateServicesClient (CertEnroll) error messages after installing the July 2025 preview and subsequent Windows 11 24H2 updates. […] Sergiu Gatlan Go to bleepingcomputer

August 30, 2025
Microsoft to enforce MFA for Azure resource management in October

Microsoft to enforce MFA for Azure resource management in October Starting in October, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect Azure clients from unauthorized access attempts. […] Sergiu Gatlan Go to bleepingcomputer

August 30, 2025
Microsoft says recent Windows update didn’t kill your SSD

Microsoft says recent Windows update didn’t kill your SSD Microsoft has found no link between the August 2025 KB5063878 security update and customer reports of failure and data corruption issues affecting solid-state drives (SSDs) and hard disk drives (HDDs). […] Sergiu Gatlan Go to bleepingcomputer

August 30, 2025
Microsoft Word will save your files to the cloud by default

Microsoft Word will save your files to the cloud by default Microsoft says that Word for Windows will soon enable autosave and automatically save all new documents to the cloud by default. […] Sergiu Gatlan Go to bleepingcomputer

August 29, 2025
Microsoft Unveils Storm-0501’s Advanced Cloud Ransomware Attack Tactics

Microsoft Unveils Storm-0501’s Advanced Cloud Ransomware Attack Tactics Microsoft Threat Intelligence has released a detailed report exposing a significant evolution in ransomware attacks, pioneered by the financially motivated threat actor Storm-0501. The group has shifted from traditional on-premises ransomware to a more destructive, cloud-native strategy that involves data exfiltration and destruction, fundamentally changing the nature…

August 28, 2025
Smashing Security podcast #432: Oops! I auto-filled my password into a cookie banner

Smashing Security podcast #432: Oops! I auto-filled my password into a cookie banner We unpack how some password managers can be tricked into coughing up your secrets, with a clickjacking sleight-of-hand, what website owners can do to prevent it, and how to lock down your personal password vault. Then we time-hope to the post-quantum scramble:…

August 28, 2025
The AI Fix #65: Excel Copilot will wreck your data, and can AI fix social media?

The AI Fix #65: Excel Copilot will wreck your data, and can AI fix social media? In episode 65 of The AI Fix, a pigeon gives a PowerPoint presentation, Mark plays Graham a song about the Transformer architecture, a robot dog delivers parcels, some robots fall over at the World Humanoid Robot Games, and Graham…

August 27, 2025
Microsoft: August Windows updates cause severe streaming issues

Microsoft: August Windows updates cause severe streaming issues Microsoft has confirmed that the August 2025 security updates are causing severe lag and stuttering issues with NDI streaming software on some Windows 10 and Windows 11 systems. […] Sergiu Gatlan Go to bleepingcomputer

August 23, 2025
Microsoft asks customers for feedback on reported SSD failures

Microsoft asks customers for feedback on reported SSD failures Microsoft is seeking further information from customers who reported failure and data corruption issues affecting their solid-state drives (SSDs) and hard disk drives (HDDs) after installing the August 2025 security update. […] Sergiu Gatlan Go to bleepingcomputer

August 22, 2025
Smashing Security podcast #431: How to mine millions without paying the bill

Smashing Security podcast #431: How to mine millions without paying the bill In episode 431 of the “Smashing Security” podcast, a self-proclaimed crypto-influencer calling himself CP3O thought he had found a shortcut to riches — by racking up millions in unpaid cloud bills. Meanwhile, we look at the growing threat of EDR-killer tools that can…

August 21, 2025
Microsoft fixes Windows upgrades failing with 0x8007007F error

Microsoft fixes Windows upgrades failing with 0x8007007F error Microsoft has resolved a known issue that caused Windows upgrades to fail with 0x8007007F errors on some Windows 11 and Windows Server systems. […] Sergiu Gatlan Go to bleepingcomputer

August 20, 2025
Microsoft releases emergency updates to fix Windows recovery

Microsoft releases emergency updates to fix Windows recovery Microsoft has released emergency Windows out-of-band updates to resolve a known issue breaking reset and recovery operations after installing the August 2025 Windows security updates. […] Sergiu Gatlan Go to bleepingcomputer

August 20, 2025
Microsoft shares workaround for Teams “couldn’t connect” error

Microsoft shares workaround for Teams “couldn’t connect” error Microsoft is resolving a known issue that causes “couldn’t connect” errors when launching the Microsoft Teams desktop and web applications. […] Sergiu Gatlan Go to bleepingcomputer

August 20, 2025
Microsoft Teams to protect against malicious URLs, dangerous file types

Microsoft Teams to protect against malicious URLs, dangerous file types Microsoft recently revealed that it’s currently enhancing protection against dangerous file types and malicious URLs in Teams chats and channels. […] Sergiu Gatlan Go to bleepingcomputer

August 17, 2025
Microsoft reminds of Windows 10 support ending in two months

Microsoft reminds of Windows 10 support ending in two months Microsoft has reminded customers that Windows 10 will be retired in two months after all editions of Windows 10, version 22H2 reach their end of servicing on October 14. […] Sergiu Gatlan Go to bleepingcomputer

August 16, 2025
Microsoft fixes Windows Server bug causing cluster, VM issues

Microsoft fixes Windows Server bug causing cluster, VM issues Microsoft has resolved a known issue that triggers Cluster service and VM restart issues after installing July’s Windows Server 2019 security updates. […] Sergiu Gatlan Go to bleepingcomputer

August 15, 2025
Microsoft fixes Windows 11 24H2 updates failing with 0x80240069 error

Microsoft fixes Windows 11 24H2 updates failing with 0x80240069 error Microsoft has resolved a known issue preventing the August 2025 Windows 11 24H2 cumulative update from being delivered via Windows Server Update Services (WSUS). […] Sergiu Gatlan Go to bleepingcomputer

August 14, 2025
August Patch Tuesday includes blasts from the (recent) past

August Patch Tuesday includes blasts from the (recent) past Microsoft haul this month covers 109 CVEs… more or less Angela Gunn Go to sophos

August 14, 2025
Microsoft tests cloud-based Windows 365 disaster recovery PCs

Microsoft tests cloud-based Windows 365 disaster recovery PCs Microsoft has announced the limited public preview of Windows 365 Reserve, a service that provides temporary desktop access to pre-configured cloud PCs for employees whose computers have become unavailable due to cyberattacks, hardware issues, or software problems. […] Sergiu Gatlan Go to bleepingcomputer

August 12, 2025
Over 29,000 Exchange servers unpatched against high-severity flaw

Over 29,000 Exchange servers unpatched against high-severity flaw Over 29,000 Exchange servers exposed online remain unpatched against a high-severity vulnerability that can let attackers move laterally in Microsoft cloud environments, potentially leading to complete domain compromise. […] Sergiu Gatlan Go to bleepingcomputer

August 11, 2025
Microsoft 365 apps to soon block file access via FPRPC by default

Microsoft 365 apps to soon block file access via FPRPC by default Microsoft has announced that the Microsoft 365 apps for Windows will start blocking access to files via the insecure FPRPC legacy authentication protocol by default starting late August. […] Sergiu Gatlan Go to bleepingcomputer

August 9, 2025
Microsoft will kill the Lens PDF scanner app for iOS, Android

Microsoft will kill the Lens PDF scanner app for iOS, Android Microsoft announced that it will phase out the Microsoft Lens PDF scanner app for Android and iOS devices starting September 15, 2025. […] Sergiu Gatlan Go to bleepingcomputer

August 8, 2025
Microsoft warns of high-severity flaw in hybrid Exchange deployments

Microsoft warns of high-severity flaw in hybrid Exchange deployments Microsoft has warned customers to mitigate a high-severity vulnerability in Exchange Server hybrid deployments that could allow attackers to escalate privileges in Exchange Online cloud environments undetected. […] Sergiu Gatlan Go to bleepingcomputer

August 7, 2025
Microsoft pays record $17 million in bounties over the last 12 months

Microsoft pays record $17 million in bounties over the last 12 months Microsoft paid a record $17 million this year to 344 security researchers across 59 countries through its bug bounty program. […] Sergiu Gatlan Go to bleepingcomputer

August 6, 2025
Microsoft increases Zero Day Quest prize pool to $5 million

Microsoft increases Zero Day Quest prize pool to $5 million Microsoft will offer up to $5 million in bounty awards at this year’s Zero Day Quest hacking contest, which the company describes as the “largest hacking event in history.” […] Sergiu Gatlan Go to bleepingcomputer

August 5, 2025
Microsoft: Outdated Office apps lose access to voice features in January

Microsoft: Outdated Office apps lose access to voice features in January Microsoft announced that the transcription, dictation, and read aloud features will stop working in older versions of Office 365 applications in late January 2026. […] Sergiu Gatlan Go to bleepingcomputer

August 5, 2025
Microsoft to disable Excel workbook links to blocked file types

Microsoft to disable Excel workbook links to blocked file types Microsoft has announced that it will start disabling external workbook links to blocked file types by default between October 2025 and July 2026. […] Sergiu Gatlan Go to bleepingcomputer

August 1, 2025
Microsoft now pays up to $40,000 for some .NET vulnerabilities

Microsoft now pays up to $40,000 for some .NET vulnerabilities Microsoft has expanded its .NET bug bounty program and increased rewards to $40,000 for some .NET and ASP.NET Core vulnerabilities. […] Sergiu Gatlan Go to bleepingcomputer

August 1, 2025
Microsoft Edge now an ‘AI-powered browser’ with Copilot Mode

Microsoft Edge now an ‘AI-powered browser’ with Copilot Mode Microsoft has introduced Copilot Mode, an experimental feature designed to transform Microsoft Edge into a web browser powered by artificial intelligence (AI). […] Sergiu Gatlan Go to bleepingcomputer

July 30, 2025
Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data

Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data Attackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks and steal sensitive user information, including Apple Intelligence cached data. […] Sergiu Gatlan Go to bleepingcomputer

July 29, 2025
Microsoft SharePoint Zero-Day

Microsoft SharePoint Zero-Day Chinese hackers are exploiting a high-severity vulnerability in Microsoft SharePoint to steal data worldwide: The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated remote access to SharePoint Servers exposed to the Internet. Starting Friday, researchers began warning of active exploitation of the…

July 29, 2025
Microsoft investigates outage affecting Microsoft 365 admin center

Microsoft investigates outage affecting Microsoft 365 admin center Microsoft is investigating an ongoing outage blocking Microsoft 365 administrators with business or enterprise subscriptions from accessing the admin center. […] Sergiu Gatlan Go to bleepingcomputer

July 26, 2025
Microsoft: SharePoint servers also targeted in ransomware attacks

Microsoft: SharePoint servers also targeted in ransomware attacks A Chinese hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain. […] Sergiu Gatlan Go to bleepingcomputer

July 24, 2025
Brave blocks Windows Recall from screenshotting your browsing activity

Brave blocks Windows Recall from screenshotting your browsing activity Brave Software says its privacy-focused browser will block Microsoft’s Windows Recall from capturing screenshots of Brave windows by default to protect users’ privacy. […] Lawrence Abrams Go to bleepingcomputer

July 24, 2025
Windows 11 KB5062660 update brings new ‘Windows Resilience’ features

Windows 11 KB5062660 update brings new ‘Windows Resilience’ features Microsoft has released the KB5062660 preview cumulative update for Windows 11 24H2 with twenty-nine new features or changes, with many gradually rolling out, such as the new Black Screen of Death and Quick Machine Recovery tool. […] Lawrence Abrams Go to bleepingcomputer

July 23, 2025
Windows 11 gets new Black Screen of Death, auto recovery tool

Windows 11 gets new Black Screen of Death, auto recovery tool Microsoft is rolling out significant changes to Windows 11 24H2 as part of the Windows Resilience Initiative, designed to reduce downtime and help devices recover from serious failures, as well as an overhaul of the all-too-familiar BSOD crash screens. […] Lawrence Abrams Go to bleepingcomputer

July 23, 2025
Microsoft Releases Mitigations and Threat Hunting Queries for SharePoint Zero-Day

Microsoft Releases Mitigations and Threat Hunting Queries for SharePoint Zero-Day Thousands of organizations worldwide face active cyberattacks targeting Microsoft SharePoint servers through two critical vulnerabilities, prompting urgent government warnings and emergency patches. Microsoft confirmed over the weekend that threat actors are actively exploiting two zero-day vulnerabilities in on-premises SharePoint servers, designated CVE-2025-53770 and CVE-2025-53771. The…

July 22, 2025
Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in “ToolShell” attacks. […] Lawrence Abrams Go to bleepingcomputer

July 21, 2025
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. […] Lawrence Abrams Go to bleepingcomputer

July 21, 2025
Microsoft Released Emergency Security Update to Patch Critical SharePoint 0-Day Vulnerability

Microsoft Released Emergency Security Update to Patch Critical SharePoint 0-Day Vulnerability Microsoft has issued an urgent security advisory addressing critical zero-day vulnerabilities in on-premises SharePoint Server that attackers are actively exploiting. The vulnerabilities, assigned as CVE-2025-53770 and CVE-2025-53771, pose immediate risks to organizations running SharePoint infrastructure and require immediate remediation. Key Takeaways1. Active zero-day attacks…

July 21, 2025
Microsoft mistakenly tags Windows Firewall error log bug as fixed

Microsoft mistakenly tags Windows Firewall error log bug as fixed Microsoft has mistakenly tagged an ongoing Windows Firewall error message bug as fixed in recent updates, stating that they are still working on a resolution. […] Lawrence Abrams Go to bleepingcomputer

July 19, 2025
Microsoft Congratulates MSRC’s Most Valuable Security Researchers

Microsoft Congratulates MSRC’s Most Valuable Security Researchers Microsoft has officially announced its 2025 Most Valuable Security Researchers, recognizing the top 100 security researchers worldwide who have made significant contributions to protecting Microsoft customers through the Microsoft Security Response Center (MSRC) program. The recognition is based on a comprehensive point system that evaluates researchers’ valid vulnerability…

July 17, 2025
Windows KB5064489 emergency update fixes Azure VM launch issues

Windows KB5064489 emergency update fixes Azure VM launch issues Microsoft has released an emergency update to fix a bug that prevents Azure virtual machines from launching when the Trusted Launch setting is disabled and Virtualization-Based Security (VBS) is enabled. […] Lawrence Abrams Go to bleepingcomputer

July 16, 2025
Windows 10 KB5062554 update breaks emoji panel search feature

Windows 10 KB5062554 update breaks emoji panel search feature The search feature for the Windows 10 emoji panel is broken after installing the KB5062554 cumulative update released Tuesday, making it not possible to look up emojis by name or keyword. […] Lawrence Abrams Go to bleepingcomputer

July 14, 2025
Windows 11 now uses JScript9Legacy engine for improved security

Windows 11 now uses JScript9Legacy engine for improved security Microsoft announced that it has replaced the default scripting engine JScript with the newer and more secure JScript9Legacy on Windows 11 version 24H2 and later. […] Bill Toulas Go to bleepingcomputer

July 11, 2025
July Patch Tuesday offers 127 fixes

July Patch Tuesday offers 127 fixes The seventh month is always a big one for Microsoft, and this year is no exception Angela Gunn Go to sophos

July 11, 2025
Microsoft Authenticator on iOS moves backups fully to iCloud

Microsoft Authenticator on iOS moves backups fully to iCloud Microsoft is rolling out a new backup system in September for its Authenticator app on iOS, removing the requirement to use a Microsoft personal account to back up TOTP secrets and account names. […] Lawrence Abrams Go to bleepingcomputer

July 10, 2025
Microsoft confirms Windows Server Update Services (WSUS) sync is broken

Microsoft confirms Windows Server Update Services (WSUS) sync is broken Microsoft has confirmed a widespread issue in Windows Server Update Services (WSUS) that prevents organizations from syncing with Microsoft Update and deploying the latest Windows updates. […] Lawrence Abrams Go to bleepingcomputer

July 10, 2025
Microsoft Outlook Down: Users Unable to Access Mailboxes

Microsoft Outlook Down: Users Unable to Access Mailboxes In a significant disruption for millions of users worldwide, Microsoft Outlook has been experiencing a major outage since Wednesday, July 9, 2025, starting at 10:20 PM UTC. The issue has left users unable to access their mailboxes through any connection method, causing widespread frustration among individuals and…

July 10, 2025
Windows 10 KB5062554 cumulative update released with 13 changes, fixes

Windows 10 KB5062554 cumulative update released with 13 changes, fixes Microsoft has released the KB5062554 cumulative update for Windows 10 22H2 and Windows 10 21H2, with thirteen new fixes or changes. […] Lawrence Abrams Go to bleepingcomputer

July 9, 2025
Windows 11 KB5062553 & KB5062552 cumulative updates released

Windows 11 KB5062553 & KB5062552 cumulative updates released Microsoft has released Windows 11 KB5062553 and KB5062552 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. […] Mayank Parmar Go to bleepingcomputer

July 9, 2025
Microsoft SQL Server 0-Day Vulnerability Exposes Sensitive Data Over Network

Microsoft SQL Server 0-Day Vulnerability Exposes Sensitive Data Over Network A critical information disclosure vulnerability in Microsoft SQL Server, designated as CVE-2025-49719, allows unauthorized attackers to access sensitive data over network connections. This vulnerability stems from improper input validation within SQL Server’s processing mechanisms, enabling attackers to disclose uninitialized memory contents without requiring authentication or…

July 9, 2025
Microsoft Remote Desktop Client Vulnerability Let Attackers Execute Remote Code

Microsoft Remote Desktop Client Vulnerability Let Attackers Execute Remote Code A critical security vulnerability in Microsoft Remote Desktop Client could allow attackers to execute arbitrary code on victim systems. The vulnerability, designated as CVE-2025-48817, affects multiple versions of Windows and poses significant security risks for organizations that rely on Remote Desktop Protocol (RDP) connections. Key…

July 9, 2025
Hands on with Windows 11 Notepad’s new markdown support

Hands on with Windows 11 Notepad’s new markdown support Notepad now lets you use markdown text formatting on Windows 11, which means you can write in Notepad just like you could in WordPad. […] Mayank Parmar Go to bleepingcomputer

July 7, 2025
Microsoft Investigating Forms Service Issue Not Accessible for Users

Microsoft Investigating Forms Service Issue Not Accessible for Users Microsoft is currently investigating a significant service disruption affecting Microsoft Forms, leaving numerous users unable to access the popular online survey and quiz platform. The issue, identified as incident FM1109073, began on July 4, 2025, at 12:42 PM GMT+5:30 and has been classified as a service…

July 4, 2025
Microsoft asks users to ignore Windows Firewall config errors

Microsoft asks users to ignore Windows Firewall config errors Microsoft asked customers this week to disregard incorrect Windows Firewall errors that appear after rebooting their systems following the installation of the June 2025 preview update. […] Sergiu Gatlan Go to bleepingcomputer

July 3, 2025
Microsoft Defender for Office 365 now blocks email bombing attacks

Microsoft Defender for Office 365 now blocks email bombing attacks Microsoft says its Defender for Office 365 cloud-based email security suite will now automatically detect and block email bombing attacks. […] Sergiu Gatlan Go to bleepingcomputer

July 1, 2025
Windows 11 KB5060829 update released with 38 new changes, fixes

Windows 11 KB5060829 update released with 38 new changes, fixes Microsoft has released the KB5060829 preview cumulative update for Windows 11 24H2, which includes 38 changes, including improvements to the taskbar and a new PC-to-PC migration experience. […] Sergiu Gatlan Go to bleepingcomputer

June 27, 2025
Microsoft confirms Family Safety blocks Google Chrome from launching

Microsoft confirms Family Safety blocks Google Chrome from launching Microsoft has confirmed that its Family Safety parental control service is blocking users from launching Google Chrome and other web browsers on Windows systems. […] Sergiu Gatlan Go to bleepingcomputer

June 26, 2025
Windows 10 KB5061087 update released with 13 changes and fixes

Windows 10 KB5061087 update released with 13 changes and fixes Microsoft has released the June 2025 non-security preview update for Windows 10, version 22H2, with fixes for bugs preventing the Start Menu from launching and breaking scanning features on USB multi-function printers. […] Sergiu Gatlan Go to bleepingcomputer

June 25, 2025
Windows Snipping Tool now lets you create animated GIF recordings

Windows Snipping Tool now lets you create animated GIF recordings Microsoft announced that the Windows screenshot and screencast Snipping Tool utility is getting support for exporting animated GIF recordings. […] Sergiu Gatlan Go to bleepingcomputer

June 23, 2025
Microsoft investigates OneDrive bug that breaks file search

Microsoft investigates OneDrive bug that breaks file search Microsoft is investigating a known OneDrive issue that is causing searches to appear blank for some users or return no results even when searching for files they know they’ve already uploaded. […] Sergiu Gatlan Go to bleepingcomputer

June 21, 2025
Microsoft Announces New Security Defaults for Windows 365 Cloud PCs

Microsoft Announces New Security Defaults for Windows 365 Cloud PCs Summary 1. Redirection controls disable clipboard, drive, USB, and printer access by default to prevent data exfiltration and malware injection. 2. Virtualization-based security enables VBS, Credential Guard, and HVCI on Windows 11 Cloud PCs to fortify against credential theft and kernel exploits. 3. Selective implementation…

June 21, 2025
Microsoft 365 to block file access via legacy auth protocols by default

Microsoft 365 to block file access via legacy auth protocols by default Microsoft has announced that it will soon update security defaults for all Microsoft 365 tenants to block access to SharePoint, OneDrive, and Office files via legacy authentication protocols. […] Sergiu Gatlan Go to bleepingcomputer

June 19, 2025