< ciso
brief />
Tag Banner

All news with #microsoft tag

836 articles · page 30 of 42

Windows 10 KB5068781 ESU Update Fails With 0x800f0922

⚠️ Microsoft is investigating a bug that can cause the Windows 10 KB5068781 Extended Security Update to fail installation with error 0x800f0922 on devices licensed via Windows subscription activation. The update, released November 11 as the first ESU release, may appear to install but then roll back after a restart. Microsoft says the issue is isolated to activations through the Microsoft 365 Admin Center and has provided no ETA or workaround.
read more →

ShadowMQ Deserialization Flaws in Major AI Inference Engines

⚠️ Oligo Security researcher Avi Lumelsky disclosed a widespread insecure-deserialization pattern dubbed ShadowMQ that affects major AI inference engines including vLLM, NVIDIA TensorRT-LLM, Microsoft Sarathi-Serve, Modular Max Server and SGLang. The root cause is using ZeroMQ's recv_pyobj() to deserialize network input with Python's pickle, permitting remote arbitrary code execution. Patches vary: some projects fixed the issue, others remain partially addressed or unpatched, and mitigations include applying updates, removing exposed ZMQ sockets, and auditing code for unsafe deserialization.
read more →

Copy-Paste RCE Flaw Impacts Major AI Inference Servers

🔒 Cybersecurity researchers disclosed a chain of remote code execution (RCE) vulnerabilities affecting AI inference frameworks from Meta, NVIDIA, Microsoft and open-source projects such as vLLM and SGLang. The flaws stem from reused code that called ZeroMQ’s recv-pyobj() and passed data directly into Python’s pickle.loads(), enabling unauthenticated RCE over exposed sockets. Vendors have released patches replacing unsafe pickle usage with JSON-based serialization and adding authentication and transport protections. Operators are urged to upgrade to patched releases and harden ZMQ channels, restrict network exposure, and avoid deserializing untrusted data.
read more →

Microsoft deploys Teams screen-capture prevention rollout

🔒 Microsoft is rolling out a new Teams Premium setting that blocks screenshots and recordings in meetings on Windows desktop and Android devices. The feature, called 'Prevent screen capture', was announced for July 2025 but the rollout was delayed and is being introduced in late November 2025. The control is off by default and must be enabled per meeting by organizers or co-organizers; unsupported clients will join audio-only.
read more →

Windows 11 Adds Native Support for Third-Party Passkeys

🔐 Microsoft has added native Windows 11 support for third-party passkey managers, beginning with 1Password and Bitwarden. Introduced in the November 2025 security update, the platform-level passkey API lets Windows generate a cryptographic key pair while storing the private key in the chosen manager, and uses Windows Hello (PIN or biometric) to verify logins. Microsoft also integrated its Microsoft Password Manager from Edge into Windows so users can pick their preferred manager. The change aims to improve portability, phishing resistance, and ease of passwordless authentication across devices.
read more →

Microsoft unveils Fairwater AI datacenter in Atlanta

🚀 Microsoft announced the new Fairwater Azure AI datacenter in Atlanta, Georgia, expanding its planet-scale AI superfactory. The purpose-built facility integrates massive NVIDIA Blackwell GPU clusters on a single flat network and uses rack-level direct liquid cooling plus a two-story layout to maximize compute density and reduce latency. It also connects via a dedicated AI WAN to enable cross-site fungibility and dynamic workload allocation.
read more →

Microsoft fixes false Windows 10 end-of-support alerts

🔧 Microsoft resolved a bug that caused incorrect end-of-support warnings to appear in Windows Update settings after the October 2025 updates. The cosmetic issue affected Windows 10 22H2 devices enrolled in the Extended Security Updates (ESU) program as well as LTSC 2021 editions that remain supported, but affected systems continued to receive security updates. Microsoft issued a cloud configuration fix and on Nov 11, 2025 released KB5068781; admins can also apply a Known Issue Rollback policy if immediate deployment is required.
read more →

Microsoft fixes Windows Task Manager bug hurting performance

⚠️ Microsoft released a fix for a Windows 11 Task Manager issue introduced by the optional preview update KB5067036 that could leave multiple taskmgr.exe processes running after the window was closed. The defect, blamed for stuttering and CPU hangs on affected systems, is resolved in the November cumulative security update KB5068861. Microsoft recommends installing KB5068861, and users who cannot immediately update can temporarily terminate lingering Task Manager processes by running an elevated Command Prompt and executing taskkill.exe /im taskmgr.exe /f.
read more →

Microsoft Patches 63 Flaws Including Kernel Zero‑Day

🔒 Microsoft released patches for 63 vulnerabilities, four rated Critical and 59 Important, including a Windows Kernel zero-day (CVE-2025-62215) that Microsoft says is being exploited in the wild. The flaws span privilege escalation, remote code execution, information disclosure and DoS, with notable heap-overflow issues in Graphics Component and WSL GUI. Administrators are urged to prioritize updates where exploits are known or where vulnerabilities permit privilege escalation or remote code execution.
read more →

Microsoft Fixes Windows Kernel Zero Day in November

🔒 Microsoft released its November Patch Tuesday updates addressing over 60 CVEs, including an actively exploited Windows kernel zero-day (CVE-2025-62215). The flaw is a race-condition and double-free that can let low-privileged local attackers corrupt kernel memory and escalate to system privileges, though exploitation requires precise timing and local code execution. Administrators should also prioritise a critical GDI+ RCE (CVE-2025-60724, CVSS 9.8) that can be triggered by parsing specially crafted metafiles. Microsoft additionally issued an out-of-band update (KB5071959) to resolve Windows 10 Consumer ESU enrollment failures.
read more →

November 2025 Patch Tuesday: One Zero-Day, Five Criticals

🔒 Microsoft’s November 2025 Patch Tuesday addresses 63 CVEs, including one actively exploited zero‑day and five Critical vulnerabilities that span Windows, Office, Developer Tools and third‑party products. This release is the first Extended Security Update (ESU) roll‑out for Windows 10 after its October 14 end‑of‑life; ESU enrollment and upgrade to 22H2 are required to receive fixes. CrowdStrike notes elevation of privilege, remote code execution and information disclosure are the leading exploitation techniques this month. Administrators should prioritize the zero‑day and Critical fixes (notably GDI+ and Nuance PowerScribe) and adopt mitigations where patching is delayed.
read more →

November Patch Tuesday: Critical Windows Kernel Zero-Day

⚠️ Microsoft’s November Patch Tuesday addresses 63 vulnerabilities, including an actively exploited Windows kernel zero-day CVE-2025-62215 that can allow local attackers to escalate to SYSTEM via a complex race-condition double-free. Administrators should prioritize this fix across servers, domain controllers, and desktops, including Windows 10 systems enrolled in the ESU program. Other notable fixes include a Copilot Chat extension RCE (CVE-2025-62222) and a critical Microsoft Graphics Component overflow that could be triggered by specially crafted document uploads.
read more →

Windows 11 23H2 Home and Pro Reach End of Support Now

⚠️ Microsoft confirmed that Windows 11, version 23H2 Home and Pro editions reached end of servicing on November 11, 2025; the November 2025 monthly security update is the last patch for those SKUs. Devices running those editions will no longer receive monthly security or preview updates protecting against the latest threats. Users are advised to upgrade to Windows 11, version 25H2, available to eligible devices via Settings > Windows Update.
read more →

Microsoft releases KB5068781 — first Windows 10 ESU update

🔔 Microsoft released KB5068781, the first Extended Security Update (ESU) for Windows 10 following the platform's end of support. The update fixes a bug that incorrectly reported LTSC devices as out of support and bundles October Patch Tuesday fixes. It addresses 63 vulnerabilities — including one actively exploited elevation-of-privilege flaw — and is mandatory for enrolled devices, installing via Settings → Windows Update and updating ESU and LTSC builds to 19045.6575/19044.6575.
read more →

Microsoft November 2025 Patch Tuesday: 63 Flaws, 1 Zero-Day

🛡️ Microsoft’s November 2025 Patch Tuesday addresses 63 vulnerabilities, including one actively exploited zero-day in the Windows Kernel (CVE-2025-62215). The update bundle includes four Critical issues and a broad set of fixes across kernel, RDP, Hyper-V, drivers, Office components and other Windows subsystems. Organizations still on unsupported Windows 10 should upgrade to Windows 11 or enroll in Microsoft’s ESU program; Microsoft also released an out-of-band patch to fix an ESU enrollment bug.
read more →

Windows 11 KB5068861 & KB5068865 November 2025 Updates

🔔 Microsoft released cumulative updates KB5068861 and KB5068865 for Windows 11 25H2/24H2 and 23H2, delivering the November 2025 Patch Tuesday security fixes, bug repairs, and several feature changes. The updates are mandatory security releases and update system build numbers to 26200.7019 (25H2/24H2 variants) and 226x1.6050 (23H2). Notable additions include a redesigned Start menu with Categories mode, updated battery icons with percentage, a new Copilot page in Get Started, Administrator Protection Preview, and post-quantum cryptography API support. Microsoft said the rollout is gradual and reported no new known issues at announcement time.
read more →

Microsoft emergency Windows 10 update fixes ESU enrollment

🔧Microsoft released an out‑of‑band update (KB5071959) to address a Windows 10 Consumer ESU enrollment failure that could cause the ESU wizard to abort. Once the update is installed and the device is rebooted, affected systems should be able to complete ESU enrollment and resume receiving Extended Security Updates via Windows Update. Microsoft flagged the patch as a security update for non‑enrolled devices to restore access to essential fixes.
read more →

Microsoft November 2025 Patch Tuesday: 63 Vulnerabilities

🔒 Microsoft released its November 2025 Patch Tuesday addressing 63 vulnerabilities across Windows, Office, Visual Studio and other components, including five labeled Critical. One important kernel elevation flaw, CVE-2025-62215, has been observed exploited in the wild. Critical issues include RCE in GDI+, Office, and Visual Studio, plus a DirectX elevation-of-privilege; Microsoft rates several as less likely to be exploited. Cisco Talos published Snort and Snort 3 rules and advises customers to apply updates and rule packs promptly.
read more →

Microsoft Secure Future Initiative — November 2025 Report

🔐 Microsoft’s November 2025 progress report on the Secure Future Initiative outlines governance expansion, engineering milestones, and product hardening across Azure, Microsoft 365, Windows, Surface, and Microsoft Security. The update highlights measurable gains — a nine-point rise in security sentiment, 95% employee completion of AI-attack training, 99.6% phishing-resistant MFA enforcement, and 99.5% live-secrets detection and remediation. It also introduces AI-first security capabilities, new detections, and 10 actionable SFI patterns to help customers improve posture.
read more →

Whisper Leak side channel exposes topics in encrypted AI

🔎 Microsoft researchers disclosed a new side-channel attack called Whisper Leak that can infer the topic of encrypted conversations with language models by observing network metadata such as packet sizes and timings. The technique exploits streaming LLM responses that emit tokens incrementally, leaking size and timing patterns even under TLS. Vendors including OpenAI, Microsoft Azure, and Mistral implemented mitigations such as random-length padding and obfuscation parameters to reduce the effectiveness of the attack.
read more →