< ciso
brief />
Tag Banner

All news with #microsoft tag

836 articles · page 29 of 42

Microsoft fixes Windows 11 hotpatch reinstall loop

🔁 Microsoft released the KB5072753 out-of-band cumulative update to resolve a known issue that caused the November 2025 hotpatch KB5068966 to repeatedly reinstall on Windows 11, version 25H2 systems. The update is rolling out via Windows Update and supersedes earlier hotpatches, so administrators should deploy KB5072753 instead of KB5068966 if they have not yet applied the November update. Microsoft said the reinstall behavior did not affect system functionality and was mainly noticeable in update-history timestamps.
read more →

Microsoft Named Leader in Gartner Access Management

🔒 Microsoft has been recognized as a Leader in the 2025 Gartner Magic Quadrant for Access Management for the ninth consecutive year. The post highlights Microsoft Entra as a unified IAM and CIAM solution that consolidates controls, telemetry, and administration while integrating generative AI in the Entra admin center to streamline workflows and threat response. Microsoft calls out rising threats—nation-state actors and organized cybercrime using generative AI—and stresses that multifactor authentication and agent identity controls are essential to protect both human and non-human identities.
read more →

Turn Windows 11 Migration into a Security Opportunity

🔒 Organizations should treat the Windows 11 migration as a strategic security opportunity rather than a routine OS update. While some users resist moving from Windows 10 or explore alternatives like Linux or legacy releases, those choices can introduce operational headaches and security gaps, especially as Microsoft phases out support. Use the transition to validate backups, recovery objectives, and patch posture to reduce exposure to unpatched vulnerabilities that increasingly target MSPs and their clients.
read more →

Thunderbird Gains Native Microsoft Exchange Support

📧 Thunderbird 145 introduces built-in support for Microsoft Exchange email via the Exchange Web Services (EWS) protocol, eliminating the need for third-party add-ons in Exchange-hosted environments. The client auto-detects account settings and uses Microsoft’s OAuth2 for authorization to simplify migration from Outlook. Initial capabilities include full folder listings, message synchronization, message operations (view, send, reply, forward, move, copy, delete), attachment handling, subject/body search and quick filtering for Microsoft 365 domains with standard OAuth2 and for on-premise Exchange using basic password authentication. The Thunderbird team says additional features such as calendar syncing, address book support, Microsoft Graph integration and expanded authentication options (NTLM, tenant-specific OAuth2) are planned but not yet available.
read more →

Windows 11 Introduces Cloud Rebuild and PITR Recovery

☁️ Microsoft unveiled two Windows 11 recovery capabilities — Point-in-Time Restore (PITR) and Cloud Rebuild — designed to reduce downtime and simplify device recovery. PITR builds on System Restore by capturing full system snapshots, enabling admins and users to roll a device back to a known-good state, including local files and applications. Cloud Rebuild allows remote reinstallation through Intune, leveraging Autopilot, OneDrive, and Windows Backup for Organizations to restore settings and data.
read more →

Microsoft to Natively Integrate Sysmon in Windows 11

🛡️ Microsoft will integrate Sysmon natively into Windows 11 and Windows Server 2025, removing the need to deploy the standalone Sysinternals tool. The built-in functionality will preserve Sysmon’s capabilities, including support for custom configuration files and advanced event filtering, and logs events to the Windows Event Log. Administrators can enable it via Optional Features or run sysmon -i (or sysmon -i <config>) to load a custom configuration, and updates will be delivered through Windows Update to simplify management and improve coverage in large environments.
read more →

Microsoft Teams adds false-positive threat report option

🔔 Microsoft is adding a user-driven false-positive reporting capability to Microsoft Teams, allowing users to flag chat or channel messages they believe were incorrectly marked as security threats. The feature began a targeted rollout in September and is scheduled to reach general availability worldwide by the end of November 2025. It will be available to organizations using Microsoft Defender for Office 365 Plan 2 or Microsoft Defender XDR, and accessible on desktop, mobile, and web. Administrators can enable or disable the feature from the Teams admin center or the Microsoft Defender portal.
read more →

Microsoft Databases and Fabric: Unified AI Data Estate

🧠 Microsoft details a broad expansion of its database portfolio and deeper integration with Microsoft Fabric to simplify data architectures and accelerate AI. Key launches include general availability of SQL Server 2025, GA of Azure DocumentDB (MongoDB-compatible), the preview of Azure HorizonDB, and Fabric-hosted SaaS databases for SQL and Cosmos DB. OneLake mirroring, Fabric IQ semantic modeling, expanded agent capabilities, and partner integrations (SAP, Salesforce, Databricks, Snowflake, dbt) are positioned to deliver zero-ETL analytics and operational AI at scale.
read more →

Azure Introduces Copilot Agents and AI Infrastructure

🚀 At Microsoft Ignite 2025, Microsoft unveiled a suite of Azure infrastructure and AI operational innovations built for scale, reliability, and security. Azure Copilot introduces an agentic operations model with six specialized agents—migration, deployment, optimization, observability, resiliency, and troubleshooting—designed to automate routine cloud management while enforcing RBAC and policy. The release also highlights new AI datacenter architecture (Fairwater), deployment of NVIDIA GB300 GPUs at scale, and platform improvements like Azure Boost and AKS Automatic to accelerate performance and reduce operational overhead.
read more →

Security Copilot Agents Included with Microsoft 365 E5

🛡️ Microsoft is including Security Copilot agents in Microsoft 365 E5, embedding AI-driven assistants across Defender, Entra, Intune, and Purview to accelerate investigations and automate routine tasks. The rollout begins today for existing Security Copilot customers on E5 and will expand to all E5 tenants in the coming months with a 30-day notification. The announcement adds 12 Microsoft-built preview agents, 30+ partner agents, and support for customer-built agents to tailor workflows.
read more →

Ambient and Autonomous Security for the Agentic Era

🛡️ At Microsoft Ignite 2025, Microsoft set out an ambient, autonomous security approach for the emerging agentic era and announced a suite of tools to observe, secure, and govern AI agents and apps. The centerpiece is Microsoft Agent 365, a control plane providing an Entra-based registry, access controls, visualization, and integrations with Defender, Entra, and Purview to detect prompt-injection, prevent leakage, and enable auditing. Microsoft also expanded platform protections, enhanced Copilot data controls in Purview, and positioned Microsoft Sentinel and Security Copilot as agentic security pillars for detection and response.
read more →

Microsoft Foundry: Modular, Interoperable Secure Agent Stack

🔧 Microsoft today expanded Foundry, its platform for building production AI apps and agents, with new models, developer tools, and governance controls. Key updates include broader model access (Anthropic, Cohere, NVIDIA), a generally available model router, and public previews for Foundry IQ, Agent Service features (hosted agents, memory, multi-agent workflows), and the Foundry Control Plane. Foundry Tools and Foundry Local bring real-time connectors and edge inference, while Managed Instance on Azure App Service eases .NET cloud migrations.
read more →

Azure Ignite 2025: Azure's Agentic AI and Data Innovations

🚀 At Microsoft Ignite 2025, Azure introduced a coordinated set of agentic and data-first capabilities to accelerate enterprise AI adoption. Announcements include Microsoft Agent Factory (available), previews of Fabric IQ and Foundry IQ, expanded Foundry model choices (Anthropic, Cohere), and new database offerings like Azure HorizonDB and Azure DocumentDB. The updates emphasize unified data, model choice, and integrated security to simplify building, running, and governing AI agents at scale.
read more →

Anthropic Claude Models Available in Microsoft Foundry

🚀 Microsoft announced integration of Anthropic's Claude models into Microsoft Foundry, making Azure the only cloud to provide both Claude and GPT frontier models on a single platform. The release brings Claude Haiku 4.5, Sonnet 4.5, and Opus 4.1 to Foundry with enterprise governance, observability, and deployment controls. Foundry Agent Service, the Model Context Protocol, skills-based modularity, and a model router are highlighted as tools to operationalize agentic workflows for coding, research, cybersecurity, and business automation. Token-based pricing tiers for the Claude models are published for standard deployments.
read more →

Microsoft fixes Windows 10 ESU update installation error

🔧 Microsoft acknowledged that the November Patch Tuesday update KB5068781 for Windows 10 (builds 19044.6575 and 19045.6575) could fail to install on commercial devices activated via Windows subscription activation through the Microsoft 365 admin center, producing error 0x800f0922. On Nov. 17 Microsoft issued a preparation package, KB5072653, to resolve the problem and allow deployment of the November security update. Administrators should verify the latest servicing stack update, run the Windows Update Troubleshooter, and, if needed, install the .msu manually via wusa.exe.
read more →

Windows 10 KB5072653 OOB Update Fixes ESU Install Errors

🛠️ Microsoft released the out-of-band update KB5072653 to address installation failures affecting the November Extended Security Update for Windows 10. The preparation package resolves 0x800f0922 (CBS_E_INSTALLERS_FAILED) errors and requires devices to run Windows 10 22H2 with the October cumulative update KB5066791. KB5072653 will be offered automatically via Windows Update; after installing and restarting, administrators should rerun Windows Update to deploy the November ESU update (KB5068781). Microsoft will also publish updated Scan Cab metadata for WSUS/SCCM customers who rely on cab files for compliance checks.
read more →

Aisuru Botnet Fires 15.72 Tbps DDoS at Microsoft Azure

⚠️ Microsoft reported that the Aisuru botnet launched a massive DDoS attack against a public Azure IP in Australia, peaking at 15.72 Tbps and nearly 3.64 billion packets per second. The traffic originated from over 500,000 IP addresses and consisted of extremely high-rate UDP floods with minimal source spoofing. Microsoft noted the bursts used random source ports, which aided traceback and provider enforcement. Azure's mitigations absorbed the attack without a reported widespread outage.
read more →

Microsoft and NVIDIA Enable Real-Time AI Defenses at Scale

🔒 Microsoft and NVIDIA describe a joint effort to convert adversarial learning research into production-grade, real-time cyber defenses. They transitioned transformer-based classifiers from CPU to GPU inference—using Triton and a TensorRT-compiled engine—to dramatically reduce latency and increase throughput for live traffic inspection. Key engineering advances include fused CUDA kernels and a domain-specific tokenizer, enabling low-latency, high-accuracy detection of adversarial payloads in inline production settings.
read more →

Windows bug prevents Microsoft 365 desktop app installs

⚠️ Microsoft is addressing a known issue that prevents users from installing Microsoft 365 desktop apps on Windows devices. The problem stems from misconfigured authentication components affecting versions 2508 (Build 19127.20358) and 2507 (Build 19029.20294). The team is reconfiguring the components and expects a full remediation later today. Microsoft tagged the outage as incident OP1186186 and is also investigating a related admin access issue tracked as MO1176905.
read more →

Microsoft Patch Tuesday — November 2025: 60+ Vulnerabilities

🔒 Microsoft released updates addressing more than 60 vulnerabilities across Windows and related products, including a zero-day memory-corruption bug (CVE-2025-62215) that is already being exploited. Microsoft rates this issue important because exploitation requires prior access to the target device. Other high-priority fixes include a 9.8-rated GDI+ vulnerability (CVE-2025-60274) and an Office remote-code-execution flaw (CVE-2025-62199). Windows 10 users should install the enrollment fix KB5071959 before applying subsequent updates.
read more →