Tag: microsoft
-
Microsoft Adds WiBased Work Location Auto-Detection to Teams
Microsoft is preparing to introduce a groundbreaking feature in Teams that will revolutionise how hybrid workers manage their presence information. The new capability will automatically identify and update users’ work locations by detecting their connection to organisational Wi-Fi networks, eliminating the need for manual status updates. Scheduled for deployment in December 2025, this opt-in functionality…
-
Microsoft Digital Defense Report 2025 – Deutschland ist das größte Ziel für Cyberangriffe in der EU
First seen on security-insider.de Jump to article: www.security-insider.de/deutschland-digitaler-angriff-microsoft-report-2025-a-f334421a421db80ef7613a3647bd5d5d/
-
Microsoft Digital Defense Report 2025 – Deutschland ist das größte Ziel für Cyberangriffe in der EU
First seen on security-insider.de Jump to article: www.security-insider.de/deutschland-digitaler-angriff-microsoft-report-2025-a-f334421a421db80ef7613a3647bd5d5d/
-
Exchange Online- und Teams-APIs: Änderungen der Standardeinstellungen
Es gibt Änderungen in den Standardeinstellungen der Exchange Online- und Teams-APIs, die die Sicherheit erhöhen sollen. Ab Ende Oktober bis November 2025 verlangt Microsoft die Zustimmung des Administrators für Drittanbieter-Apps, die über die von Microsoft verwaltete Standard-Zustimmungspolitik auf Exchange Online- … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/27/exchange-online-und-teams-apis-aenderungen-der-standardeinstellungen/
-
OpenAI goes after Microsoft 365 Copilot’s lunch with ‘company knowledge’ feature
ChatGPT can now rummage through corporate files via connectors, though Redmond still has the deeper hooks First seen on theregister.com Jump to article: www.theregister.com/2025/10/24/openai_chatgpt_company_knowledge/
-
Security Affairs newsletter Round 547 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed CVE-2025-59287: Microsoft fixes critical WSUS…
-
New CoPhish attack steals OAuth tokens via Copilot Studio agents
A new phishing technique dubbed ‘CoPhish’ weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-cophish-attack-steals-oauth-tokens-via-copilot-studio-agents/
-
CISA Beware! Hackers Are Actively Exploiting Windows Server Update Services RCE Flaw in the Wild
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, hacker, microsoft, rce, remote-code-execution, service, update, vulnerability, windowsCybersecurity researchers are sounding the alarm after discovering that hackers are actively exploiting a critical remote code execution (RCE) vulnerability in Microsoft’s Windows Server Update Services (WSUS). The flaw, tracked as CVE-2025-59287, allows unauthenticated attackers to run arbitrary code on vulnerable servers, and evidence suggests that these attacks are being carried out manually, a technique…
-
New ‘CoPhish’ technique wraps OAuth phishing in Microsoft Copilot
A new phishing technique dubbed ‘CoPhish’ weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-cophish-technique-wraps-oauth-phishing-in-microsoft-copilot/
-
CVE-2025-59287: Microsoft fixes critical WSUS flaw under active attack
Microsoft released urgent updates to address the critical WSUS RCE vulnerability CVE-2025-59287, which is under active attack.. Microsoft released an out-of-band fix for CVE-2025-59287, a critical WSUS RCE flaw (CVSS 9.8) that is under active exploitation. Researchers MEOW and Markus Wulftange of CODE WHITE GmbH reported the vulnerability. >>To comprehensively address CVE-2025-59287, Microsoft has released…
-
Windows Server: OutBand Updates für WSUS-Schwachstelle CVE-2025-59287 (23.10.2025)
Es gibt ein Out-of-Band Update KB5070883 für Windows Server 2019, welches Microsoft zum 23. Oktober 2025 bereitgestellt hat. Ziel dieses Notfall-Updates ist es, eine kritische Schwachstelle in WSUS zu schließen. Die Remote Execution-Schwachstelle CVE-2025-59287 wurde mit einem CVSS-Score von 9.8 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/24/windows-server-2019-out-of-band-update-kb5070883-fuer-wsus-schwachstelle/
-
Top 10 Best Cloud Security Companies For AWS, Azure And GCP in 2025
Organizations are not just adopting cloud; they are embracing multi-cloud and hybrid strategies as the new norm, distributing workloads across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) to optimize for cost, performance, and resilience. While the cloud offers unparalleled agility and innovation, it also introduces a unique set of security challenges.…
-
Hackers exploiting critical vulnerability in Windows Server Update Service
Microsoft has issued an out-of-band update and is urging users to immediately apply the patch. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/hackers-exploiting-critical-vulnerability-windows-server-update-service/803810/
-
Microsoft Issues Emergency Patch for Critical Windows Server Bug
Microsoft initially fixed CVE-2025-59287 in the WSUS update mechanism in the October 2025 Patch Tuesday release, but the company has now issued a second, out-of-band update for the flaw, which is under attack in the wild. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/microsoft-emergency-patch-windows-server-bug
-
Sneaky Mermaid attack in Microsoft 365 Copilot steals data
Redmond says it’s fixed this particular indirect prompt injection vuln First seen on theregister.com Jump to article: www.theregister.com/2025/10/24/m365_copilot_mermaid_indirect_prompt_injection/
-
U.S. CISA adds Microsoft WSUS, and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities catalog
Tags: adobe, cisa, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, open-source, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft WSUS, and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft WSUS, and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below the list of flaws added to the…
-
Newly Patched Critical Microsoft WSUS Flaw Comes Under Active Exploitation
Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with a proof-of-concept (Poc) exploit publicly available and has come under active exploitation in the wild.The vulnerability in question is CVE-2025-59287 (CVSS score: 9.8), a remote code execution flaw in WSUS that was originally fixed by the tech…
-
Microsoft threatens to ram Copilot into Exchange Server on-prem
Survey probes interest in AI assistance for locally hosted email setups First seen on theregister.com Jump to article: www.theregister.com/2025/10/23/copilot_exchange_server/
-
Microsoft Issues Emergency Patch for Actively Exploited Critical WSUS Vulnerability
Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with a proof-of-concept (Poc) exploit publicly available and has come under active exploitation in the wild.The vulnerability in question is CVE-2025-59287 (CVSS score: 9.8), a remote code execution flaw in WSUS that was originally fixed by the tech…
-
Windows Server 2019: OutBand Updates KB5070883 für WSUS-Schwachstelle (23.10.2025)
Es gibt ein Out-of-Band Update KB5070883 für Windows Server 2019, welches Microsoft zum 23. Oktober 2025 bereitgestellt hat. Ziel dieses Notfall-Updates ist es, eine kritische Schwachstelle in WSUS zu schließen. Die Remote Execution-Schwachstelle CVE-2025-59287 wurde mit einem CVSS-Score von 9.8 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/24/windows-server-2019-out-of-band-update-kb5070883-fuer-wsus-schwachstelle/
-
Microsoft drops surprise Windows Server patch before weekend downtime
You didn’t have plans, did you? First seen on theregister.com Jump to article: www.theregister.com/2025/10/24/windows_server_patch/
-
Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287)
Microsoft has released an out-of-band security update that >>comprehensively
-
Microsoft Issues Emergency Patch for Critical WSUS Remote Code Execution Flaw (CVE-2025-59287)
Microsoft has released an urgent out-of-band security update to address a severe remote code execution (RCE) vulnerability in Windows Server Update Services (WSUS). The flaw, tracked as CVE-2025-59287, poses a direct risk to organizations that utilize WSUS to manage Windows updates across their IT infrastructure. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/microsoft-fixes-cve-2025-59287/
-
Microsoft Issues Emergency Patch for Critical WSUS Remote Code Execution Flaw (CVE-2025-59287)
Microsoft has released an urgent out-of-band security update to address a severe remote code execution (RCE) vulnerability in Windows Server Update Services (WSUS). The flaw, tracked as CVE-2025-59287, poses a direct risk to organizations that utilize WSUS to manage Windows updates across their IT infrastructure. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/microsoft-fixes-cve-2025-59287/
-
Windows Server 2019: OutBand Update KB5070883 für WSUS-Schwachstelle (23.10.2025)
Es gibt ein Out-of-Band Update KB5070883 für Windows Server 2019, welches Microsoft zum 23. Oktober 2025 bereitgestellt hat. Ziel dieses Notfall-Updates ist es, eine kritische Schwachstelle in WSUS zu schließen. Die Remote Execution-Schwachstelle CVE-2025-59287 wurde mit einem CVSS-Score von 9.8 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/24/windows-server-2019-out-of-band-update-kb5070883-fuer-wsus-schwachstelle/
-
Microsoft blocks risky file previews in Windows File Explorer
Along with fixing many code-based vulnerabilities, the October 2025 Windows updates also change how File Explorer handles files downloaded from the internet. The change … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/24/microsoft-blocks-risky-file-previews-in-windows-file-explorer/
-
Microsoft blocks risky file previews in Windows File Explorer
Along with fixing many code-based vulnerabilities, the October 2025 Windows updates also change how File Explorer handles files downloaded from the internet. The change … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/24/microsoft-blocks-risky-file-previews-in-windows-file-explorer/
-
Microsoft blocks risky file previews in Windows File Explorer
Along with fixing many code-based vulnerabilities, the October 2025 Windows updates also change how File Explorer handles files downloaded from the internet. The change … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/24/microsoft-blocks-risky-file-previews-in-windows-file-explorer/
-
China-linked hackers exploit patched ToolShell flaw to breach Middle East telecom
China-based threat actors exploited ToolShell SharePoint flaw CVE-2025-53770 soon after its July patch. China-linked threat actors exploited the ToolShell SharePoint flaw vulnerability, tracked as CVE-2025-53770, to breach a telecommunications company in the Middle East after it was addressed by Microsoft in July 2025. >>China-based attackers used the ToolShell vulnerability (CVE-2025-53770) to compromise a telecoms company in…
-
Windows Server emergency patches fix WSUS bug with PoC exploit
Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-releases-windows-server-emergency-updates-for-critical-wsus-rce-flaw/