< ciso
brief />
Tag Banner

All news with #microsoft tag

836 articles · page 20 of 42

Microsoft at RSAC 2026: Securing the Agentic AI Era

🔒 Join Microsoft at RSAC 2026 (March 22–26) to learn how AI agents are reshaping both opportunity and risk and what defenders must do next. Microsoft previews its vision for Ambient and Autonomous Security and highlights solutions like Agent 365 that deliver observability and protection across the AI stack. Attend Microsoft Pre-Day keynotes, executive roundtables, booth demos, and hands-on experiences to get practical guidance, product demos, and partner insights.
read more →

How Pantone Used Azure Cosmos DB to Power Agentic AI

💡 Pantone built an agentic AI experience, the Palette Generator, to translate decades of color expertise into an interactive, chat-driven workflow. The system uses specialized agents for roles like a “chief color scientist” and relies on Azure Cosmos DB as the real-time persistence layer for chat history, prompts, and interaction telemetry. By moving toward vectorized embeddings and integrating with Microsoft Foundry and Azure AI services, Pantone improved semantic relevance and global scale. The architecture prioritized fast retrieval, conversational memory, and iterative learning.
read more →

AI Skills Exposed: New Attack Surface for Enterprises

⚠️ TrendAI warns that so-called AI skills—executable artifacts that combine human-readable instructions, decision logic and operational constraints—are dangerously exposed to theft, sabotage and disruption. These skills power automation in tools such as Anthropic’s Agent Skills, OpenAI’s GPT Actions and Microsoft’s Copilot Plugin, and can surface proprietary data and business logic. If attackers obtain skill logic or operational data they could disrupt public services, manipulate manufacturing or steal sensitive records. TrendAI recommends integrity monitoring, strict access controls, separation of data and logic, least-privilege execution, adversary testing and continuous logging and auditing.
read more →

Companies Use 'Summarize' Buttons to Poison Chatbots

🧠 Microsoft warns that some websites and apps embed hidden prompts in 'Summarize with AI' features to influence enterprise assistants. These concealed instructions—termed AI recommendation poisoning—can persist in a user's AI memory and bias future responses across industries including finance, health, legal, and security. Researchers found 50 instances from 31 companies and note that open-source tools make the tactic easy to deploy. Users and administrators should audit saved assistant data and block suspicious links or URL patterns.
read more →

Windows 11 Notepad flaw let Markdown links run code

🔒Microsoft fixed a remote code execution vulnerability in Windows 11 Notepad that allowed specially crafted Markdown links to launch local or remote programs without triggering Windows security dialogs. Tracked as CVE-2026-20841, the issue originated from Notepad's Markdown rendering treating certain file- and protocol-based links as clickable and unverified. Microsoft patched the flaw in the February 2026 Patch Tuesday updates and is distributing the Notepad update via the Microsoft Store; Notepad now displays a warning for non-http(s) links, though attackers could still try to social-engineer users into accepting prompts.
read more →

Microsoft Store Outlook Add-in Hijacked to Steal Accounts

🔒 The AgreeTo Outlook add-in was hijacked and turned into a full phishing kit that stole more than 4,000 Microsoft account credentials, researchers at Koi Security report. The module, listed on the Microsoft Office Add-in Store since December 2022, relied on an abandoned Vercel-hosted URL that an attacker claimed and used to serve a fake Microsoft sign-in page inside Outlook’s sidebar. Credentials, credit card details and banking security answers were exfiltrated via a Telegram bot API before victims were redirected to the real login page. Microsoft removed the add-in after the disclosure; users should uninstall AgreeTo and reset affected passwords.
read more →

First Malicious Outlook Add-in Found in Supply-Chain Attack

🔍 Cybersecurity researchers at Koi Security disclosed the first known malicious Microsoft Outlook add-in, codenamed AgreeToSteal. The attacker claimed an abandoned add-in's domain and used the manifest URL (outlook-one.vercel[.]app) to serve a fake Microsoft sign-in page, harvesting more than 4,000 credentials and exfiltrating them via the Telegram Bot API. The affected add-in, AgreeTo, a calendar/availability tool last updated in December 2022, had requested ReadWriteItem permissions that could have allowed covert mailbox access. Koi recommends domain verification, re-review triggers, delisting stale add-ins, and visible install counts to reduce similar supply-chain abuse.
read more →

Over 60 Vendors Issue Security Patches Across Platforms

🔒 It's Patch Tuesday: more than 60 software vendors released security updates addressing flaws across OS, cloud, and networking platforms. Microsoft fixed 59 vulnerabilities, including six actively exploited zero-days that can bypass protections, escalate privileges, or cause DoS. SAP patched two critical bugs — a SQL injection in CRM/S/4HANA (CVE-2026-0488, CVSS 9.9) and a missing authorization in NetWeaver ABAP (CVE-2026-0509, CVSS 9.6) — which may require kernel updates and role or UCON adjustments. Intel and Google also disclosed five TDX 1.5 vulnerabilities and numerous improvement suggestions; Adobe released multiple product updates with no known in-the-wild exploits reported.
read more →

Microsoft Patches 59 Flaws, Six Actively Exploited

🔒 Microsoft released security updates fixing 59 vulnerabilities across Windows and related products, including six flaws Microsoft says are being actively exploited. The update includes five Critical, 52 Important and two Moderate fixes, addressing privilege escalation, remote code execution, spoofing and information disclosure. Microsoft and external researchers reported several actively exploited CVEs; CISA has added them to its KEV catalog with a March 3, 2026 remediation deadline for federal agencies.
read more →

Microsoft patches six actively exploited zero-days

🔒 Microsoft released updates to fix six actively exploited zero-day vulnerabilities, three of which have been publicly disclosed. The issues include security feature bypasses in Windows Shell, MSHTML and Word, plus elevation-of-privilege and denial-of-service flaws affecting DWM, Remote Access Connection Manager and Remote Desktop Services. None are rated critical and only five of 58 patches this month were classed as critical. Administrators should prioritise applying updates and monitoring for exploitation.
read more →

Microsoft Ships Windows 11 26H1 for New ARM CPUs Only

🖥️ Microsoft has released Windows 11, version 26H1, but the distribution is limited to new ARM-based devices such as those using Qualcomm Snapdragon X2 processors and possibly other upcoming ARM chips. This build is a platform-specific release and will not be broadly delivered through Windows Update to existing PCs. Microsoft says organizations should continue to purchase, deploy, and manage devices on broadly released versions like 24H2 and 25H2. The company also reiterated its annual update cadence, with 26H2 expected later in the year.
read more →

February 2026 Patch Tuesday: Six Exploited Microsoft Bugs

🔒 Microsoft’s February 2026 Patch Tuesday delivers 60 fixes, including six vulnerabilities the vendor says are actively exploited. Three are security feature bypass flaws in Windows Shell, MSHTML and Office OLE mitigations; two permit local elevation to System, and one enables local denial-of-service. Experts note patches are straightforward and require no post-patch configuration, but prioritization of the bypasses and cloud-related issues is urgent.
read more →

Microsoft Patch Tuesday — February 2026 Security Update

🔔 Microsoft released its February 2026 security updates addressing 59 vulnerabilities across Windows and cloud products, including two Critical issues in ACI Confidential Containers. Several vulnerabilities are reported as actively exploited and others have been publicly disclosed, impacting components such as Windows Shell, MSHTML, Office, Azure, Hyper-V, and GitHub Copilot. Talos is publishing a new Snort ruleset to detect exploitation attempts; administrators should apply Microsoft patches and update intrusion detection signatures promptly.
read more →

Patch Tuesday: February 2026 — Six Zero-Day Fixes Security

🔒 Microsoft released February 2026 Patch Tuesday updates addressing more than 50 vulnerabilities, including six actively exploited zero-days. Patches cover security feature bypasses in Windows Shell, MSHTML and Word, elevation-of-privilege flaws in Remote Desktop Services and Desktop Window Manager, and a denial-of-service risk in the Remote Access Connection Manager. Administrators and developers are urged to prioritize testing and deployment, maintain recent backups, and apply least-privilege controls to limit exposure, particularly for AI-assisted development workflows.
read more →

Microsoft releases Windows 10 KB5075912 ESU update

🔒 Microsoft released the Windows 10 KB5075912 extended security update for ESU-enrolled systems and Enterprise LTSC installations to address February 2026 Patch Tuesday fixes, including six actively exploited zero-day vulnerabilities. After installation, affected systems are updated to build 19045.6937 (or 19044.6937 for LTSC 2021). The update also continues a phased rollout of replacement Secure Boot certificates and resolves a Secure Launch-related shutdown/hibernation issue.
read more →

Microsoft February 2026 Patch Tuesday: 6 Zero-Days Fixed

🔒 Microsoft released its February 2026 Patch Tuesday security update addressing 58 flaws, including six actively exploited zero-days and three that were publicly disclosed. The release fixes five Critical bugs and numerous elevation-of-privilege, remote code execution, and information disclosure issues across Windows and Office components. Microsoft also began a phased rollout of updated Secure Boot certificates to replace expiring 2011 certificates and has integrated built-in Sysmon functionality into Windows 11 insider builds.
read more →

Windows 11 KB5077181 and KB5075941 February 2026 Updates

🔒 Microsoft released Windows 11 cumulative updates KB5077181 (for 25H2/24H2) and KB5075941 (for 23H2) delivering the February 2026 Patch Tuesday security fixes, bug fixes, and feature improvements. The updates move systems to 26200.7840 (25H2), 26100.7840 (24H2), and 226x1.6050 (23H2). Notable additions include Cross‑Device Resume expansion, an inbox Windows MIDI Services implementation, enhanced Windows Hello peripheral fingerprint support, and a user toggle for Smart App Control. Install via Settings > Windows Update or download from the Microsoft Update Catalog.
read more →

Microsoft updates Secure Boot certs before June 2026

🔐 Microsoft has begun rolling out updated Secure Boot certificates through regular monthly Windows updates to replace the original 2011 certificates that will expire in late June 2026. The automatic refresh targets devices with Microsoft-managed updates; many PCs shipped since 2024 and most built in 2025 already include the new certificates. Some systems may still require separate OEM firmware updates before the new certs can be installed. Administrators can also deploy the new certificates via registry keys, Group Policy, or the Windows Configuration System to ensure Windows Boot Manager and Secure Boot protections remain in place.
read more →

High-Temperature Superconductors for Datacenter Power

⚡Microsoft is evaluating high-temperature superconductors (HTS) to improve datacenter power delivery, reduce transmission losses, and increase capacity within compact footprints. HTS cables, when maintained at cryogenic temperatures, carry electricity with near-zero resistance, enabling smaller, lighter cabling that generates negligible heat and avoids voltage drops. By partnering with manufacturers and system integrators, Microsoft plans pilots of rack-level HTS architectures and aims to rethink traditional power designs to support AI-era workloads.
read more →

Microsoft 365 admin center outage affects North America

⚠️ Microsoft is investigating an outage that prevents some administrators with business or enterprise subscriptions from accessing the Microsoft 365 admin center in North America and Canada. The company is tracking the issue on its service health page and is collecting telemetry, with an early focus on CPU utilization and user HTTP Archive (HAR) files to identify a root cause. Impacted users report slow or unavailable admin portal access, degraded functionality, and potential inability to open the M365 app or raise support tickets.
read more →