<ciso brief />

All news with #microsoft tag

720 articles · page 24 of 36

Aisuru Botnet Fires 15.72 Tbps DDoS at Microsoft Azure

⚠️ Microsoft reported that the Aisuru botnet launched a massive DDoS attack against a public Azure IP in Australia, peaking at 15.72 Tbps and nearly 3.64 billion packets per second. The traffic originated from over 500,000 IP addresses and consisted of extremely high-rate UDP floods with minimal source spoofing. Microsoft noted the bursts used random source ports, which aided traceback and provider enforcement. Azure's mitigations absorbed the attack without a reported widespread outage.

Microsoft and NVIDIA Enable Real-Time AI Defenses at Scale

🔒 Microsoft and NVIDIA describe a joint effort to convert adversarial learning research into production-grade, real-time cyber defenses. They transitioned transformer-based classifiers from CPU to GPU inference—using Triton and a TensorRT-compiled engine—to dramatically reduce latency and increase throughput for live traffic inspection. Key engineering advances include fused CUDA kernels and a domain-specific tokenizer, enabling low-latency, high-accuracy detection of adversarial payloads in inline production settings.

Windows bug prevents Microsoft 365 desktop app installs

⚠️ Microsoft is addressing a known issue that prevents users from installing Microsoft 365 desktop apps on Windows devices. The problem stems from misconfigured authentication components affecting versions 2508 (Build 19127.20358) and 2507 (Build 19029.20294). The team is reconfiguring the components and expects a full remediation later today. Microsoft tagged the outage as incident OP1186186 and is also investigating a related admin access issue tracked as MO1176905.

Microsoft Patch Tuesday — November 2025: 60+ Vulnerabilities

🔒 Microsoft released updates addressing more than 60 vulnerabilities across Windows and related products, including a zero-day memory-corruption bug (CVE-2025-62215) that is already being exploited. Microsoft rates this issue important because exploitation requires prior access to the target device. Other high-priority fixes include a 9.8-rated GDI+ vulnerability (CVE-2025-60724) and an Office remote-code-execution flaw (CVE-2025-62199). Windows 10 users should install the enrollment fix KB5071959 before applying subsequent updates.

Windows 10 KB5068781 ESU Update Fails With 0x800f0922

⚠️ Microsoft is investigating a bug that can cause the Windows 10 KB5068781 Extended Security Update to fail installation with error 0x800f0922 on devices licensed via Windows subscription activation. The update, released November 11 as the first ESU release, may appear to install but then roll back after a restart. Microsoft says the issue is isolated to activations through the Microsoft 365 Admin Center and has provided no ETA or workaround.

ShadowMQ Deserialization Flaws in Major AI Inference Engines

⚠️ Oligo Security researcher Avi Lumelsky disclosed a widespread insecure-deserialization pattern dubbed ShadowMQ that affects major AI inference engines including vLLM, NVIDIA TensorRT-LLM, Microsoft Sarathi-Serve, Modular Max Server and SGLang. The root cause is using ZeroMQ's recv_pyobj() to deserialize network input with Python's pickle, permitting remote arbitrary code execution. Patches vary: some projects fixed the issue, others remain partially addressed or unpatched, and mitigations include applying updates, removing exposed ZMQ sockets, and auditing code for unsafe deserialization.

Copy-Paste RCE Flaw Impacts Major AI Inference Servers

🔒 Cybersecurity researchers disclosed a chain of remote code execution (RCE) vulnerabilities affecting AI inference frameworks from Meta, NVIDIA, Microsoft and open-source projects such as vLLM and SGLang. The flaws stem from reused code that called ZeroMQ’s recv_pyobj() and passed data directly into Python’s pickle.loads(), enabling unauthenticated RCE over exposed sockets. Vendors have released patches replacing unsafe pickle usage with JSON-based serialization and adding authentication and transport protections. Operators are urged to upgrade to patched releases and harden ZMQ channels, restrict network exposure, and avoid deserializing untrusted data.

Microsoft deploys Teams screen-capture prevention rollout

🔒 Microsoft is rolling out a new Teams Premium setting that blocks screenshots and recordings in meetings on Windows desktop and Android devices. The feature, called 'Prevent screen capture', was announced for July 2025 but the rollout was delayed and is being introduced in late November 2025. The control is off by default and must be enabled per meeting by organizers or co-organizers; unsupported clients will join audio-only.

Windows 11 Adds Native Support for Third-Party Passkeys

🔐 Microsoft has added native Windows 11 support for third-party passkey managers, beginning with 1Password and Bitwarden. Introduced in the November 2025 security update, the platform-level passkey API lets Windows generate a cryptographic key pair while storing the private key in the chosen manager, and uses Windows Hello (PIN or biometric) to verify logins. Microsoft also integrated its Microsoft Password Manager from Edge into Windows so users can pick their preferred manager. The change aims to improve portability, phishing resistance, and ease of passwordless authentication across devices.

Microsoft unveils Fairwater AI datacenter in Atlanta

🚀 Microsoft announced the new Fairwater Azure AI datacenter in Atlanta, Georgia, expanding its planet-scale AI superfactory. The purpose-built facility integrates massive NVIDIA Blackwell GPU clusters on a single flat network and uses rack-level direct liquid cooling plus a two-story layout to maximize compute density and reduce latency. It also connects via a dedicated AI WAN to enable cross-site fungibility and dynamic workload allocation.

Microsoft fixes false Windows 10 end-of-support alerts

🔧 Microsoft resolved a bug that caused incorrect end-of-support warnings to appear in Windows Update settings after the October 2025 updates. The cosmetic issue affected Windows 10 22H2 devices enrolled in the Extended Security Updates (ESU) program as well as LTSC 2021 editions that remain supported, but affected systems continued to receive security updates. Microsoft issued a cloud configuration fix and on Nov 11, 2025 released KB5068781; admins can also apply a Known Issue Rollback policy if immediate deployment is required.

Microsoft fixes Windows Task Manager bug hurting performance

⚠️ Microsoft released a fix for a Windows 11 Task Manager issue introduced by the optional preview update KB5067036 that could leave multiple taskmgr.exe processes running after the window was closed. The defect, blamed for stuttering and CPU hangs on affected systems, is resolved in the November cumulative security update KB5068861. Microsoft recommends installing KB5068861, and users who cannot immediately update can temporarily terminate lingering Task Manager processes by running an elevated Command Prompt and executing taskkill.exe /im taskmgr.exe /f.

Microsoft Patches 63 Flaws Including Kernel Zero‑Day

🔒 Microsoft released patches for 63 vulnerabilities, four rated Critical and 59 Important, including a Windows Kernel zero-day (CVE-2025-62215) that Microsoft says is being exploited in the wild. The flaws span privilege escalation, remote code execution, information disclosure and DoS, with notable heap-overflow issues in Graphics Component and WSL GUI. Administrators are urged to prioritize updates where exploits are known or where vulnerabilities permit privilege escalation or remote code execution.

Microsoft Fixes Windows Kernel Zero Day in November

🔒 Microsoft released its November Patch Tuesday updates addressing over 60 CVEs, including an actively exploited Windows kernel zero-day (CVE-2025-62215). The flaw is a race-condition and double-free that can let low-privileged local attackers corrupt kernel memory and escalate to system privileges, though exploitation requires precise timing and local code execution. Administrators should also prioritise a critical GDI+ RCE (CVE-2025-60724, CVSS 9.8) that can be triggered by parsing specially crafted metafiles. Microsoft additionally issued an out-of-band update (KB5071959) to resolve Windows 10 Consumer ESU enrollment failures.

November 2025 Patch Tuesday: One Zero-Day, Five Criticals

🔒 Microsoft’s November 2025 Patch Tuesday addresses 63 CVEs, including one actively exploited zero‑day and five Critical vulnerabilities that span Windows, Office, Developer Tools and third‑party products. This release is the first Extended Security Update (ESU) roll‑out for Windows 10 after its October 14 end‑of‑life; ESU enrollment and upgrade to 22H2 are required to receive fixes. CrowdStrike notes elevation of privilege, remote code execution and information disclosure are the leading exploitation techniques this month. Administrators should prioritize the zero‑day and Critical fixes (notably GDI+ and Nuance PowerScribe) and adopt mitigations where patching is delayed.

November Patch Tuesday: Critical Windows Kernel Zero-Day

⚠️ Microsoft’s November Patch Tuesday addresses 63 vulnerabilities, including an actively exploited Windows kernel zero-day CVE-2025-62215 that can allow local attackers to escalate to SYSTEM via a complex race-condition double-free. Administrators should prioritize this fix across servers, domain controllers, and desktops, including Windows 10 systems enrolled in the ESU program. Other notable fixes include a Copilot Chat extension RCE (CVE-2025-62222) and a critical Microsoft Graphics Component overflow that could be triggered by specially crafted document uploads.

Windows 11 23H2 Home and Pro Reach End of Support Now

⚠️ Microsoft confirmed that Windows 11, version 23H2 Home and Pro editions reached end of servicing on November 11, 2025; the November 2025 monthly security update is the last patch for those SKUs. Devices running those editions will no longer receive monthly security or preview updates protecting against the latest threats. Users are advised to upgrade to Windows 11, version 25H2, available to eligible devices via Settings > Windows Update.

Microsoft releases KB5068781 — first Windows 10 ESU update

🔔 Microsoft released KB5068781, the first Extended Security Update (ESU) for Windows 10 following the platform's end of support. The update fixes a bug that incorrectly reported LTSC devices as out of support and bundles October Patch Tuesday fixes. It addresses 63 vulnerabilities — including one actively exploited elevation-of-privilege flaw — and is mandatory for enrolled devices, installing via Settings → Windows Update and updating ESU and LTSC builds to 19045.6575/19044.6575.

Microsoft November 2025 Patch Tuesday: 63 Flaws, 1 Zero-Day

🛡️ Microsoft’s November 2025 Patch Tuesday addresses 63 vulnerabilities, including one actively exploited zero-day in the Windows Kernel (CVE-2025-62215). The update bundle includes four Critical issues and a broad set of fixes across kernel, RDP, Hyper-V, drivers, Office components and other Windows subsystems. Organizations still on unsupported Windows 10 should upgrade to Windows 11 or enroll in Microsoft’s ESU program; Microsoft also released an out-of-band patch to fix an ESU enrollment bug.

Windows 11 KB5068861 & KB5068865 November 2025 Updates

🔔 Microsoft released cumulative updates KB5068861 and KB5068865 for Windows 11 25H2/24H2 and 23H2, delivering the November 2025 Patch Tuesday security fixes, bug repairs, and several feature changes. The updates are mandatory security releases and update system build numbers to 26200.7019 (25H2/24H2 variants) and 226x1.6050 (23H2). Notable additions include a redesigned Start menu with Categories mode, updated battery icons with percentage, a new Copilot page in Get Started, Administrator Protection Preview, and post-quantum cryptography API support. Microsoft said the rollout is gradual and reported no new known issues at announcement time.