< ciso
brief />
Tag Banner

All news with #microsoft tag

836 articles · page 22 of 42

Windows 11 KB5074105 Preview Fixes Boot and Sign-In

🔧 Microsoft released the optional January 2026 preview cumulative update KB5074105 for Windows 11, delivering 32 non-security quality fixes administrators can validate before Patch Tuesday. The preview moves 25H2 devices to build 26200.7705 and 24H2 devices to 26100.7705 and can be installed via Settings > Windows Update or the Microsoft Update Catalog. Key fixes address sign-in and boot failures, activation problems during license migrations, expanded Cross-Device Resume for Android-to-PC activity continuation (examples include resuming Spotify, Office work, or browsing sessions), and broader Windows Hello Enhanced Sign-in Security support for peripheral fingerprint sensors. Additional reliability fixes target UAC elevation hangs, graphics-related system errors (dxgmms2.sys, KERNEL_SECURITY_CHECK_FAILURE), Windows Sandbox startup failures (0x800705b4), startup/login hangs and iSCSI boot issues. Administrators are advised to test the update in lab environments before wide deployment.
read more →

Microsoft Links Windows 11 Boot Failures to Dec 2025 Update

⚠️ Microsoft says recent Windows 11 boot failures following the January 2026 cumulative update are tied to earlier failed attempts to install the December 2025 security update, which left some systems in an "improper state." After applying KB5074109, affected devices showed a BSOD with stop error UNMOUNTABLE_BOOT_VOLUME. Microsoft is working on a partial resolution to prevent new no-boot cases, but it warns this fix will not repair devices already unable to boot or stop systems from entering the improper state. The company also says the issue appears limited to physical machines.
read more →

Turning Threat Reports into Detection Insights with AI

🔍 Microsoft Defender Security Research Team describes an AI-assisted workflow that converts unstructured threat reports into actionable detection insights. The system uses LLMs with Retrieval Augmented Generation to extract candidate TTPs, metadata, and required telemetry, then normalizes behaviors to MITRE ATT&CK. Extracted TTPs are compared to a standardized detection catalog via vector similarity search and LLM validation to surface likely coverage and gap recommendations. Human-in-the-loop review, deterministic prompts, and evaluation loops are emphasized to ensure accuracy before operational changes.
read more →

2026 Data Security Index: Securing AI and Sensitive Data

🔒 The 2026 Microsoft Data Security Index explores how organizations can harness generative AI while protecting sensitive information and maintaining productivity. Based on responses from more than 1,700 security leaders, the report highlights three priorities: consolidating fragmented tools into unified platforms, managing AI-driven workflows securely, and leveraging generative AI to strengthen security operations. It recommends practical approaches using Microsoft Purview for continuous discovery and governance and Microsoft Security Copilot for automated investigation with human oversight.
read more →

Microsoft Teams to add report feature for suspicious calls

📞 Microsoft will add a Report a Call feature in Teams that lets users flag suspicious or unwanted one-to-one calls as potential scams or phishing. The option appears in call history on Windows, Mac and the web and is enabled by default; administrators can disable it in the Teams Admin Center under Calling settings. Limited metadata — timestamps, duration, caller ID and participant Teams IDs — is shared with the organization and Microsoft, and reports are viewable in the Microsoft Defender portal or Teams Admin Center. Targeted Release begins mid-March, with worldwide general availability planned by late April.
read more →

Microsoft January 2026 Out-of-Band Office Update Patch

⚠️ Microsoft released three out-of-band updates in January 2026, including a security update addressing CVE-2026-21509 in Microsoft Office, which has been reportedly exploited in the wild. The vulnerability is rated Important with a CVSS 3.1 score of 7.8 and is considered local, requiring a user to open a malicious Office document or for an attacker to have system access. Microsoft notes the issue cannot be triggered via the Preview Pane and has published mitigation guidance. Talos published Snort and ClamAV detections and advises customers to apply the latest rules and SRU updates.
read more →

Patches Issued for Critical Microsoft Office Zero-Day

🔒 Microsoft warns administrators of a critical Office security-bypass zero-day, CVE-2026-21509, that is being actively exploited. The flaw leverages legacy OLE document support to bypass protections similar to Office macros, enabling code execution when a user opens a malicious file. Microsoft has released fixes — automatic for Office 2021 and later, and separate updates for Office 2016 and 2019 — and notes affected applications must be restarted for patches to take effect.
read more →

Microsoft Issues Patch for Office Zero-Day Exploit

🛡️ Microsoft has released a patch addressing a high-severity zero-day in Microsoft Office that the company says has been exploited in the wild. Tracked as CVE-2026-21509 with a CVSS 3.1 score of 7.8, the flaw lets an attacker bypass OLE mitigations by relying on untrusted inputs in a security decision and requires only that a user open a malicious Office file. Microsoft urges users of Office 2016 and 2019 to install the update; Office 2021 and later will receive a service-side fix but require application restarts to take effect.
read more →

Microsoft releases emergency Office patch for zero-day

🛡️ Microsoft released an out-of-band patch for a high-severity Microsoft Office zero-day, tracked as CVE-2026-21509, rated CVSS 7.8 for a security feature bypass exploited in attacks. The flaw bypasses OLE mitigations for COM/OLE controls and requires a specially crafted Office file and user interaction; Microsoft says the Preview Pane is not an attack vector. Customers running Office 2021 and later receive a service-side fix (restart Office); Office 2016 and 2019 require installed updates. Microsoft also published a manual registry mitigation, and CISA added the flaw to its Known Exploited Vulnerabilities catalog.
read more →

Microsoft issues emergency Office patch for zero-day

🔒 Microsoft has issued emergency out-of-band updates to patch a high-severity Office zero-day, tracked as CVE-2026-21509, which is being actively exploited. The vulnerability allows an unauthenticated local attacker to bypass Office security features by convincing a user to open a malicious file; Microsoft says the preview pane is not an attack vector. Updates cover Microsoft 365 Apps and Office LTSC 2021/2024; fixes for Office 2016 and 2019 are pending. Microsoft and reporting outlets published registry-based mitigations administrators can apply until official updates are available.
read more →

Strategies for Strengthening Cybersecurity in Government

🛡️ Microsoft Deputy CISO for Government and Trust Tim Langan outlines a proactive approach to protecting government data, emphasizing collaboration across teams and partners. The post advocates defend forward threat hunting, the Cybersecurity Governance Council for cross-functional decision-making, and embedding security through initiatives like the Secure Future Initiative. Key focus areas include secure-by-design development, paved paths for compliance, and accelerating secure solutions for federal and defense scenarios.
read more →

Maia 200: Microsoft’s Inference Accelerator for AI Workloads

🤖 Maia 200 is Microsoft’s new first‑party AI inference accelerator, fabricated on TSMC’s 3nm process and optimized for low‑precision tensor compute. It combines native FP8/FP4 tensor cores with 216GB of HBM3e at 7 TB/s, 272MB on‑chip SRAM and specialized data‑movement engines to raise token throughput and utilization. Microsoft positions Maia 200 as delivering over 10 petaFLOPS (FP4), about 30% better performance‑per‑dollar versus its prior fleet, and higher FP8 performance than competing hyperscaler accelerators. Deployed in US Central with Azure integration and an SDK preview, Maia 200 targets inference for services such as Microsoft 365 Copilot and OpenAI GPT‑5.2.
read more →

Microsoft Handed BitLocker Keys to US Law Enforcement

🔐 Microsoft complied with a US search warrant in early 2025 and provided BitLocker recovery keys stored on its servers to investigators probing alleged COVID unemployment fraud in Guam. Because many Windows installations back up recovery keys by default to Microsoft cloud services, those keys were retrievable when legally compelled. Experts stress this is a custody and governance issue rather than a cryptographic failure of BitLocker, and recommend restricting default cloud backups, enforcing strict admin controls, and redirecting keys to on‑premises or enterprise key vaults where possible.
read more →

Microsoft issues second out-of-band Windows fix in a week

🔧 Microsoft has issued emergency out-of-band updates after users reported that the January 13 Patch Tuesday releases caused some applications, notably Outlook, to hang or behave unexpectedly when accessing files stored on cloud services such as OneDrive and Dropbox. The company released cumulative fixes — including KB5078127 for Windows 11, KB5078129 for Windows 10 and server updates KB5078131/KB5078136/KB5078135 — to address PST-file issues that could cause hangs, missing sent items or repeated redownloads. Administrators should review the KB notes, test in their environments and deploy the patches to restore normal email and cloud-file workflows.
read more →

Microsoft Investigates Windows 11 Boot Failures in January

⚠️Microsoft is investigating reports that some Windows 11 devices fail to boot with the UNMOUNTABLE_BOOT_VOLUME stop error after installing the January 13, 2026 cumulative update KB5074109. Affected systems running Windows 11 25H2 and all editions of 24H2 display a black crash screen and cannot start without manual recovery. Microsoft says only physical devices are impacted so far and asks affected users to submit feedback via the Feedback Hub. The company also released emergency out‑of‑band updates to address an Outlook PST cloud storage freeze.
read more →

Microsoft issues emergency OOB updates to fix Outlook

🔧 Microsoft has released out-of-band updates for Windows 10, Windows 11, and Windows Server to address an issue that caused Outlook to freeze when opening PST files stored in cloud-backed storage such as OneDrive or Dropbox. The problem emerged after the January 13, 2026 Patch Tuesday updates and mainly affected classic Outlook configurations used in enterprises. Affected instances could become unresponsive until the process was terminated or the system restarted, and users reported missing Sent Items and duplicate downloads. The fixes are available via Windows Update or the Microsoft Download Catalog and include several KB updates for specific Windows and Server versions.
read more →

ShinyHunters Claim Responsibility for SSO Vishing Attacks

📞 ShinyHunters says it is behind a wave of voice-phishing campaigns that compromise single sign-on accounts at Okta, Microsoft Entra, and Google, enabling access to downstream SaaS platforms. Attackers call employees posing as IT, steer victims through dynamic phishing pages and capture multi-factor authentication in real time, then enumerate connected applications to harvest data. The group claims Salesforce as a primary target and has issued extortion demands using stolen information.
read more →

Runtime Risk and Real-Time Defense for AI Agents at Scale

🔒 Microsoft describes runtime protections that let organizations inspect and control AI agent behavior in real time by integrating Microsoft Defender with Copilot Studio. Webhook-based checks evaluate planned tool invocations, intent, context, and previous orchestration outputs before execution, enabling precise allow/block decisions without changing agent logic. The post demonstrates three attack scenarios—malicious invoice-triggered instructions, SharePoint prompt injection, and capability reconnaissance—and shows how runtime blocking, logging, and XDR alerts prevent data exposure.
read more →

Outlook for iOS Crashes and Freezes on iPad After Update

⚠️ Microsoft confirmed a coding error in Outlook for iOS (version 5.2602.0) that can cause the app to crash or freeze on iPad devices. Affected users can work around the issue by launching Outlook in Airplane Mode and then re-enabling Wi‑Fi or cellular. Microsoft has developed a fix, though the updated app may take up to 24 hours to appear in the App Store while Apple processes the release.
read more →

Microsoft Security Success Stories: Integrated AI Foundation

🔒 Three global organizations—Ford, Icertis, and TriNet—illustrate how embedding security into every layer of the stack enables safer AI adoption and operational agility. Each moved from fragmented point solutions to a unified, Zero Trust platform built on Microsoft Security technologies such as Defender, Sentinel, Purview, Entra, and Security Copilot, using AI-powered telemetry and automation to accelerate detection and response. The result: fewer incidents, faster triage, improved compliance, and measurable cost savings that position them to scale AI responsibly.
read more →