Tag: microsoft
-
The Exchange Online security controls organizations keep getting wrong
In this Help Net Security interview, Scott Schnoll, Microsoft MVP for Exchange, breaks down the Shared Responsibility Model, where Microsoft secures the cloud while … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/29/scott-schnoll-microsoft-exchange-online-security/
-
Microsoft Confirms Remote Desktop Warning Issue After April Update
Microsoft has officially confirmed a known issue affecting Remote Desktop Protocol (RDP) connections following the April 14, 2026, Patch Tuesday updates. Specifically impacting Windows 11 version 26H1 (KB5083768, OS Build 28000.1836), the update was intended to harden systems against malicious .rdp files. However, a newly introduced user interface bug is causing critical security warnings to render incorrectly,…
-
Microsoft’s GitHub shifts to metered AI billing amid cost crisis
The all-you-can-eat AI buffet is coming to an end First seen on theregister.com Jump to article: www.theregister.com/2026/04/28/microsofts_github_shifts_to_metered/
-
Microsoft to deprecate legacy TLS in Exchange Online starting July
Microsoft says it will start blocking legacy TLS connections for POP and IMAP email clients in Exchange Online starting in July 2026. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-to-deprecate-legacy-tls-in-exchange-online-starting-july/
-
Microsoft fixes Entra ID flaw enabling privilege escalation
Microsoft fixed a Microsoft Entra ID flaw where the Agent ID Administrator role could enable privilege escalation and account takeover. Microsoft addressed a flaw in Microsoft Entra ID that could let attackers take over service accounts. The issue involved the Agent ID Administrator role, which manages AI agent identities and access, and could be abused…
-
Maximum possible severity: Microsoft environments at risk from Entra ID flaw
Until a few days ago, Entra ID had a security vulnerability with the highest possible severity rating. Apparently, numerous Microsoft services were at risk. First seen on golem.de Jump to article: www.golem.de/news/maximal-moeglicher-schweregrad-microsoft-umgebungen-durch-entra-id-luecke-gefaehrdet-2604-208090.html
-
New Remote Desktop warnings may display incorrectly
Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-new-remote-desktop-warnings-may-display-incorrectly/
-
Microsoft Expands Copilot Agent Mode for Outlook Inbox and Calendar Tasks
Microsoft announced a major evolution for Copilot in Outlook, shifting the tool from a passive assistant to an autonomous agent. Instead of simply drafting emails or summarizing threads on command, the AI now actively manages ongoing daily tasks. This agentic update enables the system to handle routine triage, resolve rescheduling conflicts, and prioritize communications in…
-
Stopping AiTM attacks: The defenses that actually work after authentication succeeds
Tags: 2fa, access, attack, authentication, awareness, breach, communications, compliance, control, credentials, data, defense, detection, email, finance, framework, identity, incident response, login, mfa, microsoft, monitoring, nist, passkey, phishing, risk, service, threat, tool, training
The 3 controls that close the gap: Control #1: Bind sessions to managed devices. The most impactful single control for session security is requiring managed, compliant devices as a condition of accessing sensitive resources. When access policies, such as Microsoft Entra Conditional Access, require that the device presenting a session token is enrolled, managed and…
-
Microsoft asks iPhone users to reauthenticate after Outlook outage
After addressing a widespread outage that affected Outlook.com users worldwide on Monday, Microsoft has asked iPhone users to re-enter their credentials to regain access to their Outlook and Hotmail accounts via the default Mail app. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-asks-iphone-users-to-re-enter-credentials-after-outlook-outage/
-
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according to new findings from Silverfort. Agent ID Administrator is a privileged built-in role introduced by Microsoft as part of its agent identity platform to handle all aspects of an AI agent’s identity lifecycle operations…
-
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE-2026-32202 (CVSS score: 4.3), a spoofing vulnerability that could allow an attacker to access sensitive information. It was addressed as part of its Patch Tuesday…
-
Unauthorized read and write permissions – Critical RCE vulnerability spreads via Microsoft GitHub repository
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-github-action-luecke-windows-driver-samples-a-58810c5cd389118ac89a7a953f688c5c/
-
Hackers impersonate Microsoft Teams help desk to breach corporate networks
Hackers are impersonating Microsoft Teams help desk workers to trick victims into installing data-stealing malware, researchers found. First seen on therecord.media Jump to article: therecord.media/microsoft-teams-hackers-mandiant
-
BeyondTrust “Microsoft Vulnerabilities Report” 2026 – Fewer Microsoft vulnerabilities, but more critical security flaws
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-vulnerabilities-report-2026-kritische-cloud-identitaetsluecken-a-06afb509bffd6b7533f41f9654d61971/
-
Microsoft patched an ‘agent-only’ role that was not
From principal ownership to full takeover: Once ownership of a service principal was obtained, the attacker could generate new credentials like client secrets or certificates, and use them to authenticate as the compromised application. If the application held elevated directory roles or sensitive API permissions, the attackers could inherit those privileges. “The impact depends on the…
-
UNC6692 Hackers Exploit Microsoft Teams to Deploy SNOW Malware
UNC6692 hackers exploit Microsoft Teams with fake IT alerts to deploy SNOW malware, steal credentials, and breach corporate networks in advanced attacks. First seen on hackread.com Jump to article: hackread.com/unc6692-hackers-microsoft-teams-snow-malware/
-
Microsoft Releases Enterprise Policy Option to Disable Windows 11 Copilot
Microsoft has introduced a new enterprise policy setting that allows IT administrators to silently uninstall the Microsoft Copilot app from managed Windows 11 devices, marking a significant shift in how organizations can control AI tool deployment across their fleets. The new RemoveMicrosoftCopilotApp policy setting became broadly available following the April 2026 Patch Tuesday security updates. It is…
-
Microsoft updates the Windows Update Experience: You can hit pause now
Keep the patches away for as long as you like First seen on theregister.com Jump to article: www.theregister.com/2026/04/27/microsoft_updates_the_windows_update/
-
Attackers use MS Teams, fake mailbox repair utility to breach organizations
A threat group has penetrated corporate networks by impersonating IT helpdesk staff on Microsoft Teams, tricking employees into downloading malware and surrendering their … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/27/attackers-use-ms-teams-fake-mailbox-repair-utility/
-
Microsoft says Outlook.com outage is causing sign-in failures
Tags: microsoft
Microsoft is investigating an ongoing Outlook.com outage that is causing intermittent signing issues and preventing customers from accessing their mailboxes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-says-outlookcom-outage-is-causing-sign-in-failures/
-
Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware
Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code) extensions on the Open VSX repository that are linked to a persistent information-stealing campaign dubbed GlassWorm. The cluster of 73 extensions has been identified as cloned versions of their legitimate counterparts. Of these, six have been confirmed to be malicious, with the remaining acting…

