Category: Microsoft
-
Enabling Incognito Mode in RDP to Hide All the Traces
Enabling Incognito Mode in RDP to Hide All the Traces Microsoft’s Remote Desktop Protocol (RDP) has introduced a lesser-known but critical security feature colloquially referred to as “incognito mode” through its /public command-line parameter. This functionality, formally called public mode, prevents the client from storing sensitive session artifacts—a development with significant implications for cybersecurity, digital…
-
New Microsoft 365 outage impacts Teams, causes call failures
New Microsoft 365 outage impacts Teams, causes call failures Microsoft is investigating a new Microsoft 365 outage that is affecting Teams customers and causing call failures. […] Sergiu Gatlan Go to bleepingcomputer
-
CISA tags Windows, Cisco vulnerabilities as actively exploited
CISA tags Windows, Cisco vulnerabilities as actively exploited CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft confirms it’s killing off Skype in May, after 14 years
Microsoft confirms it’s killing off Skype in May, after 14 years Microsoft has confirmed that the Skype video call and messaging service will be shut down in May, 14 years after replacing the Windows Live Messenger. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft names cybercriminals behind AI deepfake network
Microsoft names cybercriminals behind AI deepfake network Microsoft has named multiple threat actors part of a cybercrime gang accused of developing malicious tools capable of bypassing generative AI guardrails to generate celebrity deepfakes and other illicit content. […] Sergiu Gatlan Go to bleepingcomputer
-
Windows 11 KB5052093 update released with 33 changes and fixes
Windows 11 KB5052093 update released with 33 changes and fixes Microsoft has released the February 2025 preview cumulative update for Windows 11 24H2, with 33 improvements and fixes for multiple issues, including SSH and File Explorer bugs and the volume jumping to 100% when waking the PC from sleep. […] Sergiu Gatlan Go to bleepingcomputer
-
Windows 11 24H2 upgrades now blocked for some AutoCAD users
Windows 11 24H2 upgrades now blocked for some AutoCAD users Microsoft has introduced a new Windows 11 24H2 upgrade block for systems with AutoCAD 2022, addressing compatibility issues that prevent the program from launching. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft fixes Entra ID authentication issue caused by DNS change
Microsoft fixes Entra ID authentication issue caused by DNS change Microsoft has fixed an issue that caused Entra ID DNS authentication failures when using the company’s Seamless SSO and Microsoft Entra Connect Sync. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft tests ad-supported Office apps for Windows users
Microsoft tests ad-supported Office apps for Windows users Microsoft has released ad-supported versions of its Office desktop apps, which have limited features but allow Windows users to edit their documents. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft reminds admins to prepare for WSUS driver sync deprecation
Microsoft reminds admins to prepare for WSUS driver sync deprecation Microsoft once again reminded IT administrators that driver synchronization in Windows Server Update Services (WSUS) will be deprecated on April 18, just 60 days from now. […] Sergiu Gatlan Go to bleepingcomputer
-
Got a Microsoft Teams invite? Storm-2372 gang exploit device codes in global phishing attacks
Got a Microsoft Teams invite? Storm-2372 gang exploit device codes in global phishing attacks Security experts have warned that a cybercriminal group has been running a malicious and inventive phishing campaign since August 2024 to break into organizations across Europe, North America, Africa, and the Middle East. Read more in my article on the Tripwire…
-
Microsoft to remove the Location History feature in Windows
Microsoft to remove the Location History feature in Windows Microsoft announced the deprecation of the Location History feature from Windows, which let applications like the Cortana virtual assistant to fetch location history of the device. […] Bill Toulas Go to bleepingcomputer
-
Microsoft rolls out BIOS update that fixes ASUS blue screen issues
Microsoft rolls out BIOS update that fixes ASUS blue screen issues More ASUS customers can now install Windows 11 24H2 after applying a BIOS update that resolves blue screen of death (BSOD) issues acknowledged in October. […] Sergiu Gatlan Go to bleepingcomputer
-
Windows 10 KB5051974 update force installs new Microsoft Outlook app
Windows 10 KB5051974 update force installs new Microsoft Outlook app Microsoft has released the KB5051974 cumulative update for Windows 10 22H2 and Windows 10 21H2, which automatically installs the new Outlook for Windows app and fixes a memory leak bug. […] Lawrence Abrams Go to bleepingcomputer
-
Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws
Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws Today is Microsoft’s February 2025 Patch Tuesday, which includes security updates for 55 flaws, including four zero-day vulnerabilities, with two actively exploited in attacks. […] Lawrence Abrams Go to bleepingcomputer
-
Windows 11 KB5051987 & KB5051989 cumulative updates released
Windows 11 KB5051987 & KB5051989 cumulative updates released Microsoft has released Windows 11 KB5051987 and KB5051989 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. […] Mayank Parmar Go to bleepingcomputer
-
Russian military hackers deploy malicious Windows activators in Ukraine
Russian military hackers deploy malicious Windows activators in Ukraine The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates. […] Sergiu Gatlan Go to bleepingcomputer
-
February Patch Tuesday delivers 57 packages
February Patch Tuesday delivers 57 packages After January’s deluge, a calmer update volume returns Angela Gunn Go to sophos
-
Microsoft shares workaround for Windows security update issues
Microsoft shares workaround for Windows security update issues Microsoft has shared a workaround for users affected by a known issue that blocks Windows security updates from deploying on some Windows 11 24H2 systems. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft says attackers use exposed ASP.NET keys to deploy malware
Microsoft says attackers use exposed ASP.NET keys to deploy malware Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. […] Sergiu Gatlan Go to bleepingcomputer
-
Critical RCE bug in Microsoft Outlook now exploited in attacks
Critical RCE bug in Microsoft Outlook now exploited in attacks CISA warned U.S. federal agencies on Thursday to secure their systems against ongoing attacks targeting a critical Microsoft Outlook remote code execution (RCE) vulnerability. […] Sergiu Gatlan Go to bleepingcomputer
-
New Microsoft script updates Windows media with bootkit malware fixes
New Microsoft script updates Windows media with bootkit malware fixes Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new “Windows UEFI CA 2023” certificate before the mitigations of the BlackLotus UEFI bootkit are enforced later this year. […] Lawrence Abrams Go to bleepingcomputer
-
On Generative AI Security
On Generative AI Security Microsoft’s AI Red Team just published “Lessons from Red Teaming 100 Generative AI Products.” Their blog post lists “three takeaways,” but the eight lessons in the report itself are more useful: Understand what the system can do and where it is applied. You don’t have to compute gradients to break an…
-
Microsoft improves text contrast for all Windows Chromium browsers
Microsoft improves text contrast for all Windows Chromium browsers Microsoft says it improved the contrast of text rendered in all Chromium-based web browsers on Windows, making it more readable on some displays. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft to Boost M365 Bounty Program With New Products & Rewards Up to $27,000
Microsoft to Boost M365 Bounty Program With New Products & Rewards Up to $27,000 A significant extension of Microsoft’s Microsoft 365 (M365) Bounty Program has been announced. The program now includes new Viva products under its scope for identifying vulnerabilities, with rewards reaching up to $27,000 for critical submissions. This update underscores Microsoft’s commitment to…
-
Microsoft investigates Microsoft 365 outage affecting users, admins
Microsoft investigates Microsoft 365 outage affecting users, admins Microsoft is investigating an ongoing outage preventing users and admins from accessing some Microsoft 365 services and the admin center. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft: January Windows security updates break audio playback
Microsoft: January Windows security updates break audio playback Microsoft has confirmed that the January 2025 Windows security updates are breaking audio playback on some systems with external DACs (digital-to-analog converters). […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft to deprecate WSUS driver synchronization in 90 days
Microsoft to deprecate WSUS driver synchronization in 90 days Microsoft has reminded Windows administrators that driver synchronization in Windows Server Update Services (WSUS) will be deprecated on April 18, 90 days from now. […] Sergiu Gatlan Go to bleepingcomputer
-
Hackers use Windows RID hijacking to create hidden admin account
Hackers use Windows RID hijacking to create hidden admin account A North Korean threat group has been using a technique called RID hijacking that tricks Windows into treating a low-privileged account as one with administrator permissions. […] Bill Toulas Go to bleepingcomputer
-
Microsoft previews Game Assist in-game browser in Edge Stable
Microsoft previews Game Assist in-game browser in Edge Stable Microsoft has announced that Game Assist, its recently unveiled in-game browser, is now also available in preview for Microsoft Edge Stable users. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft: Exchange 2016 and 2019 reach end of support in October
Microsoft: Exchange 2016 and 2019 reach end of support in October Microsoft has reminded admins that Exchange 2016 and Exchange 2019 will reach the end of extended support in October and shared guidance for those who need to decommission outdated servers. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft fixes Windows Server 2022 bug breaking device boot
Microsoft fixes Windows Server 2022 bug breaking device boot Microsoft has fixed a bug that was causing some Windows Server 2022 systems with two or more NUMA nodes to fail to start up. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft shares temp fix for Outlook crashing when writing emails
Microsoft shares temp fix for Outlook crashing when writing emails Microsoft has shared a temporary fix for a known issue that causes classic Outlook to crash when writing, replying to, or forwarding an email. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft removes Assassin’s Creed Windows 11 upgrade blocks
Microsoft removes Assassin’s Creed Windows 11 upgrade blocks Earlier this week, Ubisoft released Assassin’s Creed Valhalla and Assassin’s Creed Origins patches to fix Windows 11 24H2 compatibility issues that caused crashes, freezes, and audio problems. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft fixes Office 365 apps crashing on Windows Server systems
Microsoft fixes Office 365 apps crashing on Windows Server systems Microsoft has fixed a known issue that caused Microsoft 365 applications and Classic Outlook to crash on Windows Server 2016 or Windows Server 2019 systems. […] Sergiu Gatlan Go to bleepingcomputer
-
CISA shares guidance for Microsoft expanded logging capabilities
CISA shares guidance for Microsoft expanded logging capabilities CISA shared guidance for government agencies and enterprises on using expanded cloud logs in their Microsoft 365 tenants as part of their forensic and compliance investigations. […] Sergiu Gatlan Go to bleepingcomputer
-
January Windows updates may fail if Citrix SRA is installed
January Windows updates may fail if Citrix SRA is installed Microsoft is warning that the January 2025 Windows 11 and Windows 10 cumulative updates may fail if Citrix Session Recording Agent (SRA) version 2411 is installed on the device. […] Lawrence Abrams Go to bleepingcomputer
-
Windows 10 KB5049981 update released with new BYOVD blocklist
Windows 10 KB5049981 update released with new BYOVD blocklist Microsoft has released the KB5049981 cumulative update for Windows 10 22H2 and Windows 10 21H2, which contains an updated Kernel driver blocklist to prevent Bring Your Own Vulnerable Driver (BYOVD) attacks. […] Lawrence Abrams Go to bleepingcomputer
-
159-CVE January Patch Tuesday smashes single-month record
159-CVE January Patch Tuesday smashes single-month record Brace yourselves… and consider reading your email in plaintext for now Angela Gunn Go to sophos
-
Microsoft: macOS bug lets hackers install malicious kernel drivers
Microsoft: macOS bug lets hackers install malicious kernel drivers Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme
Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme Not sure this will matter in the end, but it’s a positive move: Microsoft is accusing three individuals of running a “hacking-as-a-service” scheme that was designed to allow the creation of harmful and illicit content using the company’s platform for AI-generated content. The foreign-based…
-
Microsoft fixes OneDrive bug causing macOS app freezes
Microsoft fixes OneDrive bug causing macOS app freezes Microsoft has fixed a known issue causing macOS applications to freeze when opening or saving files in OneDrive. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft Bing shows misleading Google-like page for ‘Google’ searches
Microsoft Bing shows misleading Google-like page for ‘Google’ searches Microsoft Bing is displaying what is being categorized as a misleading Google-esque search page when users search for Google, making it look you are on the competing search engine. […] Lawrence Abrams Go to bleepingcomputer
-
Microsoft may have scrapped Windows 11’s dynamic wallpapers feature
Microsoft may have scrapped Windows 11’s dynamic wallpapers feature Microsoft has many good ideas for Windows 11 that often do not ship, and one of them was “Dynamic Wallpapers,” which, as the name suggests, could have made the wallpaper dynamic, similar to third-party tools like Lively Wallpaper. […] Mayank Parmar Go to bleepingcomputer
-
Windows 10 users urged to upgrade to avoid “security fiasco”
Windows 10 users urged to upgrade to avoid “security fiasco” Cybersecurity firm ESET is urging Windows 10 users to upgrade to Windows 11 or Linux to avoid a “security fiasco” as the 10-year-old operating system nears the end of support in October 2025. […] Lawrence Abrams Go to bleepingcomputer
-
Microsoft issues urgent dev warning to update .NET installer link
Microsoft issues urgent dev warning to update .NET installer link Microsoft is forcing .NET developers to quickly update their apps and developer pipelines so they do not use ‘azureedge.net’ domains to install .NET components, as the domain will soon be unavailable due to the bankruptcy and imminent shutdown of CDN provider Edgio. […] Bill Toulas…
-
Windows 11 installation media bug causes security update failures
Windows 11 installation media bug causes security update failures Microsoft is warning of an issue when using a media support to install Windows 11, version 24H2, that causes the operating system to not accept further security updates. […] Bill Toulas Go to bleepingcomputer
-
Five lesser known Task Manager features in Windows 11
Five lesser known Task Manager features in Windows 11 Windows 11 is far from perfect, but it does make Task Manager significantly better. In this article, we’re going to take a closer look at some of our favourite Task Manager features. […] Mayank Parmar Go to bleepingcomputer
-
Microsoft 365 users hit by random product deactivation errors
Microsoft 365 users hit by random product deactivation errors Microsoft is investigating a known issue randomly triggering “Product Deactivated” errors for customers using Microsoft 365 Office apps. […] Sergiu Gatlan Go to bleepingcomputer
-
CISA orders federal agencies to secure Microsoft 365 tenants
CISA orders federal agencies to secure Microsoft 365 tenants CISA has issued this year’s first binding operational directive (BOD 25-01), ordering federal civilian agencies to secure their Microsoft 365 cloud environments by implementing a list of required configuration baselines. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft lifts Windows 11 24H2 block on PCs with USB scanners
Microsoft lifts Windows 11 24H2 block on PCs with USB scanners Microsoft has lifted a compatibility block preventing Windows 11 24H2 upgrades after fixing a bug causing USB connection issues to some scanners. […] Sergiu Gatlan Go to bleepingcomputer
-
December Patch Tuesday arrives bearing 71 gifts
December Patch Tuesday arrives bearing 71 gifts Seventeen Critical-severity CVEs ready to deck your halls; also, new blog guidance for Windows Server admins Angela Gunn Go to sophos
-
Windows 10 KB5048652 update fixes new motherboard activation bug
Windows 10 KB5048652 update fixes new motherboard activation bug Microsoft has released the KB5048652 cumulative update for Windows 10 22H2, which contains six fixes, including a fix that prevented Windows 10 from activating when you change a device’s motherboard. […] Lawrence Abrams Go to bleepingcomputer
-
Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws
Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws Today is Microsoft’s December 2024 Patch Tuesday, which includes security updates for 71 flaws, including one actively exploited zero-day vulnerability. […] Lawrence Abrams Go to bleepingcomputer
-
“CP3O” pleads guilty to multi-million dollar cryptomining scheme
“CP3O” pleads guilty to multi-million dollar cryptomining scheme A man faces up to 20 years in prison after pleading guilty to charges related to an illegal cryptomining operation that stole millions of dollars worth of cloud computing resources. Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
Ubisoft fixes Windows 11 24H2 conflicts causing game crashes
Ubisoft fixes Windows 11 24H2 conflicts causing game crashes Microsoft has now partially lifted a compatibility hold blocking the Windows 24H2 update on systems with some Ubisoft games after the French video game publisher has fixed bugs causing crashes, freezes, and audio issues. […] Sergiu Gatlan Go to bleepingcomputer
-
Outdated Google Workspace Sync blocks Windows 11 24H2 upgrades
Outdated Google Workspace Sync blocks Windows 11 24H2 upgrades Microsoft now blocks the Windows 11 24H2 update on computers with outdated Google Workspace Sync installs because they’re causing Outlook launch issues. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft expands Recall preview to Intel and AMD Copilot+ PCs
Microsoft expands Recall preview to Intel and AMD Copilot+ PCs Microsoft is now testing its AI-powered Recall feature on AMD and Intel-powered Copilot+ PCs enrolled in the Windows 11 Insider program. […] Sergiu Gatlan Go to bleepingcomputer
-
New Windows zero-day exposes NTLM credentials, gets unofficial patch
New Windows zero-day exposes NTLM credentials, gets unofficial patch A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. […] Bill Toulas Go to bleepingcomputer
-
Microsoft says having a TPM is “non-negotiable” for Windows 11
Microsoft says having a TPM is “non-negotiable” for Windows 11 Microsoft made it abundantly clear this week that Windows 10 users won’t be able to upgrade to Windows 11 unless their systems come with TPM 2.0 support, stating it’s a “non-negotiable” requirement. […] Sergiu Gatlan Go to bleepingcomputer
-
New Windows Server 2012 zero-day gets free, unofficial patches
New Windows Server 2012 zero-day gets free, unofficial patches Free unofficial security patches have been released through the 0patch platform to address a zero-day vulnerability introduced over two years ago in the Windows Mark of the Web (MotW) security mechanism. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft re-releases Exchange updates after fixing mail delivery
Microsoft re-releases Exchange updates after fixing mail delivery Microsoft has re-released the November 2024 security updates for Exchange Server after pulling them earlier this month due to email delivery issues on servers using custom mail flow rules. […] Sergiu Gatlan Go to bleepingcomputer
-
Microsoft says it’s not using your Word, Excel data for AI training
Microsoft says it’s not using your Word, Excel data for AI training Microsoft has denied claims that it uses Microsoft 365 apps (including Word, Excel, and PowerPoint) to collect data to train the company’s artificial intelligence (AI) models. […] Sergiu Gatlan Go to bleepingcomputer