< ciso
brief />
Tag Banner

All news with #microsoft tag

836 articles · page 15 of 42

Microsoft Links Classic Outlook Bug to Email Delivery Issues

📧 Microsoft is investigating a known issue that prevents some Classic Outlook users from sending messages via Outlook.com, causing non-delivery reports that indicate permission errors (0x80070005-0x0004dc-0x000524). The problem is more likely when the Outlook.com account is an Outlook profile linked to another Exchange account or when an Exchange Online mail contact shares the same SMTP address. Microsoft published temporary workarounds — remove the M365 account Address Book, hide the Outlook.com contact in the Global Address List, create a fresh Classic profile with only the affected account, or use the New Outlook client or webmail until a permanent fix is deployed.
read more →

EvilTokens kit powers Microsoft device-code phishing

⚠️ EvilTokens is a commercially sold phishing kit that abuses the device code authorization flow to hijack Microsoft accounts and enable advanced BEC operations. Distributed via Telegram, campaigns deliver document lures with QR codes or links to phishing templates impersonating trusted services and workflows. Victims are prompted to authenticate on the real Microsoft device login, producing short-lived access tokens and refresh tokens that give attackers immediate and persistent access. Sekoia reported global campaigns and published IoCs and YARA rules; the author says support for Gmail and Okta is planned.
read more →

Emergency Windows 11 KB5086672 Fixes Install Failures

🛠️ Microsoft released an out-of-band update, KB5086672, to replace the broken March preview KB5079391 and address installation failures that produced Error 0x80073712 on Windows 11 24H2 and 25H2 systems. The cumulative OOB update supersedes prior March protections and improvements and may be offered automatically to devices with "Get the latest updates" enabled. If that setting is off, install via Settings > Windows Update > Download & install.
read more →

WhatsApp-delivered VBS Campaign Installs MSI Backdoors

🛡️ Microsoft Defender Experts (DEX) observed a late-February 2026 campaign leveraging WhatsApp messages to deliver malicious Visual Basic Script (VBS) files. Executing the VBS creates hidden folders under C:\ProgramData, drops renamed legitimate Windows utilities, and uses them to download additional payloads from cloud services such as AWS, Tencent Cloud, and Backblaze B2. Attackers escalate privileges, tamper with UAC and registry settings, and install unsigned MSI packages to establish persistent remote access. Microsoft recommends hardening script hosts, monitoring cloud traffic and registry changes, and enabling Defender protections.
read more →

Microsoft fixes Outlook Classic crashes from Teams add-in

🛠️ Microsoft has resolved a bug that caused the classic Outlook client to crash when the Microsoft Teams Meeting Add-in was enabled. First reported on March 12 and tracked under incident EX1254044, the issue occurred when older Outlook builds used the Teams Meeting Add‑in build 1.26.02603, for example Current Channel Outlook <= Version 2402 (Build 17328.20142). A fix is rolling out with Teams version 26058.712.4527.9297; Microsoft recommends updating Outlook to the latest build or performing an Online Repair for click‑to‑run installs. As a temporary workaround, users who must remain on an older Office build can disable the Teams Meeting Add‑in via Outlook Safe Mode (Ctrl on launch) and the COM Add‑ins dialog.
read more →

Amazon RDS for SQL Server Developer Edition in GovCloud

🆕 Amazon RDS for SQL Server now offers Microsoft SQL Server Developer Edition in the AWS GovCloud (US) Regions. Developer Edition is a free, full-featured, non-production license that mirrors Enterprise capabilities, helping teams reduce licensing costs for development, testing, and demonstrations. Amazon RDS-managed features — automated backups, automated software updates, monitoring, and encryption — are supported for SQL Server 2019 and SQL Server 2022 instances.
read more →

Navigating Digital Sovereignty: Microsoft's Practical Path

🔒 Microsoft frames digital sovereignty as a practical, consultative discipline that extends beyond privacy to encompass continuity, resilience, and responsible AI adoption. The post outlines a Sovereign Cloud continuum—including the EU Data Boundary, hybrid and private cloud options, and expanded disconnected operations—to provide organizations with choice, visibility, and control. It emphasizes transparency, risk-based engagement, and long-term accountability as core means to build durable trust while enabling innovation.
read more →

Microsoft Named a Leader in Gartner 2026 IPaaS MQ Report

🚀 Microsoft was named a Leader in the 2026 Gartner Magic Quadrant for Integration Platform as a Service, its eighth consecutive year of recognition. The company positions Azure Integration Services as a unified platform to connect applications, data, APIs, and events while operationalizing AI across the enterprise. With Azure Logic Apps and Azure API Management, Microsoft highlights support for agentic workflows, embedded governance, and AI Gateway capabilities to enforce policies, manage usage, and ensure compliance as organizations scale AI-driven operations.
read more →

Microsoft Pauses Windows KB5079391 After Install Errors

⚠️ Microsoft has paused the rollout of a Windows 11 preview update, KB5079391, after reports that installations fail with error 0x80073712. The optional cumulative update targeted Windows 11 24H2 and 25H2 and bundled 29 changes, including Smart App Control, display improvements, improved Windows Hello fingerprint reliability, and Windows RE stability for x64 apps on ARM64 devices. To prevent further impact, Microsoft has temporarily limited the update's availability through Windows Update while it investigates and said the issue will most likely be resolved before the April 14 Patch Tuesday, though no firm timeline was provided.
read more →

Windows 11 KB5079391 Preview Adds Smart App Control

🛡️ Microsoft released the KB5079391 preview cumulative update for Windows 11 24H2 and 25H2, delivering 29 non-security changes and optional fixes. The update lets administrators and users toggle Smart App Control on or off without reinstalling the OS via Settings > Windows Security > App & Browser Control. It also introduces display reliability enhancements, including support for monitors reporting refresh rates above 1000 Hz, native USB4 monitor connections, and improved HDR behavior. Installers can apply the preview via Windows Update or the Microsoft Update Catalog; installation is optional unless automatic preview updates are enabled.
read more →

Identity Security: The New Pressure Point in Cyberattacks

🔐 Microsoft argues that identity is the primary pressure point for modern cyberattacks as organizations manage proliferating human, non-human, and agentic identities across disparate systems. The post highlights that fragmentation—duplicative solutions and too many vendors—creates visibility gaps that enable lateral movement. It outlines a unified model built on Microsoft Entra, a real-time identity control plane including Conditional Access, and integrated threat protection, and describes AI-driven triage with Security Copilot to accelerate response and reduce analyst fatigue.
read more →

AI for Nuclear Energy: Building Intelligent Resilience

⚛️ Microsoft announces an AI for nuclear collaboration with NVIDIA to deliver an end-to-end, AI-powered foundation for nuclear project delivery. The initiative pairs Microsoft Azure, generative AI for permitting, and NVIDIA simulation and AI stacks to speed design, streamline licensing, and improve operations via Digital Twins. Early adopters — including Aalo Atomics, Southern Nuclear, and Idaho National Laboratory — report major time and cost reductions while preserving regulatory traceability and security.
read more →

Device Code Phishing Targets 340 Microsoft Orgs Globally

🔐 Huntress is tracking an active device code phishing campaign targeting Microsoft 365 identities at over 340 organizations across the US, Canada, Australia, New Zealand, and Germany. The attackers use Cloudflare Workers redirects and Railway.com-hosted infrastructure to harvest OAuth access and refresh tokens that remain valid after password resets. Sectors hit include construction, non-profits, real estate, manufacturing, finance, healthcare, legal and government.
read more →

Microsoft fixes Outlook sync bug affecting Gmail users

🔧 Microsoft has resolved a known issue that caused Classic Outlook to stop syncing Gmail and Yahoo accounts and to show 0x800CCC0F and 0x80070057 error codes. Affected accounts reportedly stopped syncing on February 26, 2026; Microsoft says the fix was applied in the Microsoft 365 service, but some users may still see issues until their OAuth token expires. As a temporary workaround, Microsoft recommends deleting the affected email address entries under the Identities key at Computer\HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\Identities to force a sign-in prompt.
read more →

Microsoft Open Source and AKS at KubeCon Europe 2026

🚀 At KubeCon + CloudNativeCon Europe 2026, Microsoft outlined coordinated open-source and AKS enhancements designed to bring AI workloads to Kubernetes with enterprise-grade operational patterns. Upstream work includes DRA reaching GA, Workload Aware Scheduling for Kubernetes 1.36, DRANet Azure RDMA compatibility, and new projects such as AI Runway, HolmesGPT (CNCF Sandbox), and Dalec. AKS platform updates add identity-aware networking with Azure Kubernetes Application Network, meshless Istio routing, WireGuard and Cilium-based encryption, built-in GPU telemetry into managed Prometheus/Grafana, per-flow L3/L4 and L7 observability, a managed Cilium cluster mesh via Fleet Manager, Elastic SAN shared storage, AKS Desktop GA, and safer upgrades with blue-green agent pool upgrades and agent pool rollback.
read more →

Tycoon2FA Phishing Service Resumes After Disruption

🔁 Tycoon2FA, a phishing-as-a-service platform disrupted by Europol and Microsoft on March 4, has returned to pre-takedown activity levels within days. CrowdStrike observed a brief decline to about 25% of normal volumes on March 4–5, 2026, before activity rebounded and cloud compromise remediations returned to early-2026 levels. The service continues to use similar TTPs targeting Microsoft 365 and Gmail, exploiting redirection, URL shorteners, and compromised domains. CrowdStrike warns that without arrests or physical seizures, operators can quickly recover and replace impacted infrastructure.
read more →

Microsoft virtual account change disrupts Exchange Online

⚠️ Microsoft is addressing an intermittent Exchange Online outage that has blocked some users from accessing mailboxes via Outlook mobile and the new Outlook for Mac client since Thursday. The company traced the issue (incident EX1256020) to a newly introduced virtual account and is reverting that change across affected environments. Restarts failed to resolve the problem, and Microsoft is working on a permanent remediation and will provide a timeline when available.
read more →

Microsoft: IRS-themed Phishing Hits 29,000, RMM Abused

⚠️Microsoft reported large-scale IRS-themed phishing campaigns in February 2026 that targeted more than 29,000 users across 10,000 organizations, using tax refund, payroll and W‑2 lures to harvest credentials and deliver remote access tools. Attackers leveraged Phishing-as-a-Service kits (notably Energy365 and SneakyLog/Kratos) and abused legitimate RMM products such as ScreenConnect, Datto, and SimpleHelp to maintain persistent access. Microsoft advises enforcing 2FA, applying conditional access, and blocking malicious domains and payloads to reduce exposure.
read more →

Microsoft issues KB5085516 to fix account sign-in bug

🔧 Microsoft released an out-of-band update, KB5085516, to fix a sign-in failure that prevented Microsoft account authentication in multiple apps after the March cumulative update KB5079473. Affected apps included Microsoft Edge, Teams, OneDrive, Microsoft 365 Copilot and Office apps, which reported the device was not connected to the Internet. The optional fix is available for Windows 11 25H2 and 24H2 via Windows Update or the Microsoft Update Catalog, and Microsoft recommends installing the latest updates.
read more →

Water Utilities Boost Cybersecurity Through Cooperation

💧Water utilities facing aging operational systems and limited IT staff are improving cybersecurity by sharing information and coordinating responses. A two-year pilot led by the Cyber Readiness Institute and the Center on Cyber and Technology Innovation, sponsored by Microsoft, enrolled about 200 small and mid-sized utilities. The study found that combining cybersecurity training with hands-on technical assistance, stronger sector links and practical support is more effective than distributing guidance alone.
read more →