Tag: microsoft
-
Microsoft Issues Emergency Fix After Some Windows 11 Systems Can’t Shut Down
The fix is for a bug that prevents some systems from shutting down, while another bug that prevents hibernation has no workaround yet. The post Microsoft Issues Emergency Fix After Some Windows 11 Systems Can’t Shut Down appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-windows-11-shutdown-bug/
-
Windows 11 shutdown bug forces Microsoft into outband damage control
Ships emergency update to fix a Patch Tuesday misfire that prevented systems from switching off First seen on theregister.com Jump to article: www.theregister.com/2026/01/19/windows_11_shutdown_bug/
-
Attackers Abuse WSL2 to Operate Undetected on Windows Systems
Windows Subsystem for Linux (WSL) has transformed the developer experience on Windows. However, it has also quietly created a powerful hiding place for attackers. With WSL2, Microsoft moved from lightweight translation to a whole virtual machine (VM) model. That architectural change gives adversaries a semi-isolated Linux environment running inside Hyper”‘V that is rarely monitored by…
-
Notfall-Patch ist da: Microsoft patzt beim ersten Update 2026
Das Januar-Sicherheitsupdate für Windows 11 verursacht Probleme beim Herunterfahren und bei Remote-Verbindungen – nun ist Abhilfe da. First seen on golem.de Jump to article: www.golem.de/news/notfall-patch-ist-da-microsoft-patzt-beim-ersten-update-2026-2601-204319.html
-
How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot
Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; Microsoft patched it in January 2026. The post How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-reprompt-attack-microsoft-copilot/
-
Microsoft January 2026 Security Update Triggers Credential Prompt Failures in Remote Desktop
Microsoft’s January 2026 security update has disrupted enterpriseRemote Desktopinfrastructure, triggering widespread credential prompt failures that prevent users from accessingAzure Virtual Desktopand Windows 365 environments. The problematic patch KB5074109, released January 13, 2026, introduced an authentication regression affecting Windows 11 versions 24H2 and 25H2 running builds 26100.7623 and 26200.7623. The issue manifests as immediate sign-in failures when…
-
Microsoft January 2026 Security Update Triggers Credential Prompt Failures in Remote Desktop
Microsoft’s January 2026 security update has disrupted enterpriseRemote Desktopinfrastructure, triggering widespread credential prompt failures that prevent users from accessingAzure Virtual Desktopand Windows 365 environments. The problematic patch KB5074109, released January 13, 2026, introduced an authentication regression affecting Windows 11 versions 24H2 and 25H2 running builds 26100.7623 and 26200.7623. The issue manifests as immediate sign-in failures when…
-
Microsoft releases OOB Windows updates to fix shutdown, Cloud PC bugs
Microsoft has released multiple emergency, out-of-band updates for Windows 10, Windows 11, and Windows Server to fix two issues caused by the January Patch Tuesday updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-oob-windows-updates-to-fix-shutdown-cloud-pc-bugs/
-
Cyberkriminelle bringen Copilot zum Plaudern: Wie sie Microsofts KI austricksen, um an eure Daten zu gelangen
First seen on t3n.de Jump to article: t3n.de/news/cyberkriminelle-bringen-copilot-zum-plaudern-tricksen-microsoft-ki-aus-1725442/
-
Microsoft’s January Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On January 14, NSFOCUS CERT detected that Microsoft released the January Security Update patch, which fixed 112 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this…The…
-
Some Windows PCs fail to shut down after January update
Microsoft has confirmed a new issue that prevents Windows 11 23H2 devices with System Guard Secure Launch enabled from shutting down. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-some-windows-pcs-fail-to-shut-down-after-january-update/
-
Azure Identity Token Flaw Exposes Windows Admin Center to Tenant-Wide Breaches
Cymulate Research Labs discovered a high-severity authentication bypass vulnerability in Microsoft Windows Admin Centre’s Azure AD Single Sign-On implementation that enables attackers with local administrator access on a single machine to compromise any other Windows Admin Center-managed system within the same Azure tenant. The flaw, tracked as CVE-2026-20965, stems from improper validation of Proof-of-Possession (PoP) tokens…
-
Azure Identity Token Flaw Exposes Windows Admin Center to Tenant-Wide Breaches
Cymulate Research Labs discovered a high-severity authentication bypass vulnerability in Microsoft Windows Admin Centre’s Azure AD Single Sign-On implementation that enables attackers with local administrator access on a single machine to compromise any other Windows Admin Center-managed system within the same Azure tenant. The flaw, tracked as CVE-2026-20965, stems from improper validation of Proof-of-Possession (PoP) tokens…
-
One click is all it takes: How ‘Reprompt’ turned Microsoft Copilot into data exfiltration tools
What devs and security teams should do now: As in usual security practice, enterprise users should always treat URLs and external inputs as untrusted, experts advised. Be cautious with links, be on the lookout for unusual behavior, and always pause to review pre-filled prompts.”This attack, like many others, originates with a phishing email or text…
-
Microsoft Copilot Studio extension for VS Code now publicly available
Tags: microsoftMicrosoft announced that the Copilot Studio extension for the Visual Studio Code (VS Code) integrated development environment is now available to all users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-copilot-studio-extension-for-vs-code-now-publicly-available/
-
Microsoft taps UK courts to dismantle cybercrime host RedVDS
Redmond says cheap virtual desktops powered a global wave of phishing and fraud First seen on theregister.com Jump to article: www.theregister.com/2026/01/15/microsoft_uk_courts_redvds/
-
Vom Datenchaos zur Datenherrschaft in hybriden Microsoft-Umgebungen – Single Source of Trust im Identitätsmanagement
Tags: microsoftFirst seen on security-insider.de Jump to article: www.security-insider.de/single-source-of-trust-im-identitaetsmanagement-a-c3c8fec329fe15689ef7d60c29991d22/
-
Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud
Microsoft on Wednesday announced that it has taken a “coordinated legal action” in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly fueled millions in fraud losses.The effort, per the tech giant, is part of a broader law enforcement effort in collaboration with law enforcement authorities that has…
-
Schlag gegen Cyberkriminelle in Deutschland
Tags: cybercrime, germany, infrastructure, Internet, mail, microsoft, phishing, software, usa, windowsInternationalen Ermittlern und Microsoft ist ein Schlag gegen die Infrastruktur des Cybercrime-Dienst RedVDS gelungen. Die Server standen auch in Deutschland.In einer konzertierten Aktion haben Strafverfolgungsbehörden in Deutschland, den USA und Großbritannien zusammen mit Microsoft den globalen Cyberkriminalitätsdienst RedVDS zerschlagen. Das bestätigten die Zentralstelle für Internet- und Computerkriminalität (ZIT) bei der Generalstaatsanwaltschaft in Frankfurt sowie das Landeskriminalamt…
-
Microsoft shuts down RedVDS cybercrime subscription service tied to millions in fraud losses
Microsoft has announced a coordinated legal action in the United States and the United Kingdom to disrupt RedVDS, a global cybercrime subscription service tied to large-scale … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/15/microsoft-shuts-down-redvds-cybercrime-subscription-service/
-
Microsoft disrupts massive RedVDS cybercrime virtual desktop service
Microsoft announced on Wednesday that it disrupted RedVDS, a massive cybercrime platform linked to at least $40 million in reported losses in the United States alone since March 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-seizes-servers-disrupts-massive-redvds-cybercrime-platform/
-
Microsoft, Law Enforcement Disrupt RedVDS Global Cybercrime Service
Microsoft and law enforcement agencies in Europe disrupted the operations of RedVDS, a global cybercrime service that sold cheap and disposable dedicated virtual servers to threat actors that used them to run BEC, phishing, and other fraud campaigns. The vendor now wants to shut down its payment networks and find the operators behind it. First…
-
Microsoft Disrupts Cybercrime Service RedVDS
RedVDS, a cybercrime-as-a-service operation that has stolen millions from victims, lost two domains to a law enforcement operation supported by Microsoft. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/microsoft-disrupts-cybercrime-service-redvds
-
Microsoft Copilot Reprompt Attack Enables Stealthy Data Exfiltration
Reprompt is a one-click Microsoft Copilot attack that could enable silent data exfiltration, though Microsoft says it’s now patched. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/microsoft-copilot-reprompt-attack-enables-stealthy-data-exfiltration/
-
Microsoft disrupts RedVDS cybercrime platform behind $40 million in scam losses
Microsoft and law enforcement partners took down a popular cybercriminal subscription service called RedVDS that was used to enable more than $40 million in fraud losses in the United States alone. First seen on therecord.media Jump to article: therecord.media/microsoft-redvds-cybercrime-scam
-
U.S. CISA adds a flaw in Microsoft Windows to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, update, vulnerability, windowsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Microsoft Windows vulnerability, tracked as CVE-2026-20805 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft Patch Tuesday security updates for January 2026 release…
-
Microsoft Patch Tuesday security updates for January 2026 fixed actively exploited zero-day
Microsoft Patch Tuesday addressed 112 security flaws across Windows, Office, Azure, Edge, and more, including eight critical vulnerabilities, kicking off the new year with a major patch update. Microsoft Patch Tuesday security updates for January 2026 release 112 CVEs affecting Windows, Office, Azure, Edge, SharePoint, SQL Server, SMB, and Windows management services. Including third-party Chromium…
-
Microsoft DCU uses UK courts to hunt down cyber criminals
Microsoft has taken down the RedDVS cyber crime-as-a-service network after obtaining a UK court order, marking its first civil legal action outside of the US First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366637353/Microsoft-DCU-uses-UK-courts-to-hunt-down-cyber-criminals
-
Microsoft updates Windows DLL that triggered security alerts
Microsoft has resolved a known issue that was causing security applications to incorrectly flag a core Windows component, the company said in a service alert posted this week. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-updates-windows-dll-that-triggered-security-alerts/
-
ConsentFix debrief: Insights from the new OAuth phishing attack
ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push Security shares new insights from continued tracking, community research, and evolving attacker techniques. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/consentfix-debrief-insights-from-the-new-oauth-phishing-attack/