All news with #microsoft tag

720 articles · page 32 of 36

Microsoft Sentinel: Agentic Platform for Defenders Now

🛡️ Microsoft announced expanded agentic security capabilities in Microsoft Sentinel, including the general availability of the Sentinel data lake and public preview of Sentinel Graph and the Model Context Protocol (MCP) server to enable AI agents to reason over unified security data. Sentinel ingests structured and semi-structured signals, builds vectorized, graph-based context, and integrates with Microsoft Defender and Microsoft Purview. Security Copilot now offers a no-code agent builder and developer workflows via VS Code/GitHub Copilot, while enhanced governance controls (Entra Agent ID, PII guardrails, prompt shields) aim to secure agent lifecycles.

Windows 11 KB5065789: 41 fixes and new AI actions now

🛠 Microsoft released the optional preview cumulative update KB5065789 for Windows 11 24H2 (build 26100.6725), delivering 41 non-security changes and fixes. Highlights include new AI actions in File Explorer, an updated Click to Do menu, an Administrator Protection Preview, and passkey plugin integration. The update addresses high CPU usage in Windows Sandbox (VmmemCMFirstBoot), WSUS-related update failures, Windows Hello 0x80090010 errors on Entra ID–joined devices, HDR and Hyper-V TPM issues, and gaming performance with overlays. Microsoft lists a known DRM-related playback issue; install via Settings > Windows Update or the Microsoft Update Catalog.

Microsoft Warns of LLM-Crafted SVG Phishing Campaign

🛡️ Microsoft flagged a targeted phishing campaign that used AI-assisted code to hide malicious payloads inside SVG files. Attackers sent messages from a compromised business account, employing self-addressed emails with hidden BCC recipients and an SVG disguised as a PDF that executed embedded JavaScript to redirect users through a CAPTCHA to a fake login. Microsoft noted the SVG's verbose, business-analytics style — flagged by Security Copilot — as likely produced by an LLM. The activity was limited and blocked, but organizations should scrutinize scriptable image formats and unusual self-addressed messages.

Microsoft Photos adds AI Auto-Categorization on Windows

🤖 Microsoft is testing a new AI-powered Auto-Categorization capability in Microsoft Photos on Windows 11, rolling out to Copilot+ PCs across all Windows Insider channels. The feature automatically groups images into predefined folders — screenshots, receipts, identity documents, and notes — using a language-agnostic model that recognizes document types regardless of image language. Users can locate categorized items via the left navigation pane or Search bar, manually reassign categories, and submit feedback to improve accuracy. Microsoft has not yet clarified whether image processing happens locally or is sent to its servers.

Microsoft temporary fix for Outlook encrypted errors

🔧 Microsoft is investigating a known issue that prevents users of the classic Outlook for Windows from opening OMEv2-encrypted emails sent from a different organization, producing the error message "Configuring your computer for Information Rights Management." As a temporary workaround, administrators can either exclude external users from Conditional Access requirements or enable cross-tenant trust for MFA claims in the Microsoft Entra admin center. Enabling cross-tenant trust is the recommended and easiest option, but both sending and receiving tenants must apply it for full cross-tenant compatibility.

Microsoft Edge to Revoke Malicious Sideloaded Extensions

🔒 Microsoft will add a security feature to Edge that detects and revokes malicious sideloaded extensions. The protection targets extensions installed via Developer Mode or other local sideloading methods that bypass the Microsoft Edge Add-ons vetting process. Microsoft plans a worldwide rollout in November for standard multi-tenant instances, aiming to reduce large-scale extension abuse and forced-install campaigns.

Microsoft issues final Windows 10 22H2 preview update

🔧 Microsoft released the final non-security preview update for Windows 10 22H2 (KB5066198), delivering fixes for the out-of-box experience and SMBv1 connectivity over NetBIOS over TCP/IP (NetBT). This optional cumulative update lets administrators test improvements before they roll into the next month’s Patch Tuesday and raises systems to build 19045.6396. KB5066198 also resolves an Autopilot Enrollment Status Page (ESP) OOBE loading issue and includes prior fixes for unexpected UAC prompts and NDI streaming performance regressions. Install via Windows Update by choosing 'Download and install' for optional updates or obtain the package from the Microsoft Update Catalog.

Microsoft Marketplace: Unified Cloud and AI Solutions

🚀 The reimagined Microsoft Marketplace is a unified destination to find, try, buy and deploy cloud solutions, AI apps and agents, combining Azure Marketplace and Microsoft AppSource. It lists tens of thousands of offerings and more than 3,000 AI apps and agents with rapid provisioning into Microsoft environments using Model Context Protocol (MCP). Integrations with CSPs and channel partners support private offers, a resale-enabled preview and governance for enterprise deployment.

Microsoft to Provide Free Windows 10 Security Updates in EEA

🛡️ Microsoft will provide no-cost Extended Security Updates (ESU) for Windows 10 consumer users across the European Economic Area (EEA). The company adjusted enrollment so consumers can access critical patches without tying updates to Windows Backup or Microsoft Rewards, following pressure from Euroconsumers. Microsoft says the change aims to support customers transitioning to Windows 11 before Windows 10 reaches end of support on October 14, 2025.

Global Harms of Restrictive Cloud Licensing: One Year

⚖️ A year after Google Cloud filed a formal complaint with the European Commission, restrictive cloud licensing by Microsoft remains entrenched and, according to recent disclosures, appears to be intensifying. Microsoft has described efforts to drive customers to Azure as a core growth pillar, while new licensing changes due at the end of September further restrict managed service providers from hosting workloads on competing clouds. Regulators such as the U.K.'s CMA have found these policies harm customers, competition, innovation, and cybersecurity, and multiple global authorities are now scrutinizing the practices.

Chinese Backdoor Grants Year-Long Access to US Firms

🔐 Chinese state-linked actors deployed a custom Linux/BSD backdoor called BRICKSTORM on network edge appliances to maintain persistent access into U.S. legal, technology, SaaS and outsourcing firms. These implants averaged 393 days of undetected dwell time and were used to pivot to VMware vCenter/ESXi hosts, Windows systems, and Microsoft 365 mailboxes. Mandiant and Google TAG attribute the activity to UNC5221 and have released a scanner and hunting guidance to locate affected appliances.

Retail at Risk: Single Alert Reveals Persistent Threat

🔍 A single Microsoft Defender alert triggered an investigation that uncovered a persistent cyberthreat against retail customers. Attackers exploited unpatched SharePoint flaws CVE-2025-49706 and CVE-2025-49704 using obfuscated ASPX web shells while also compromising identities through self-service password reset abuse and Microsoft Entra ID reconnaissance. DART swiftly contained the intrusions—removing web shells, isolating Entra ID, deprivileging accounts, and recommending Zero Trust measures, MFA enforcement, timely patching, and EDR deployment.

Microsoft accelerates migration and modernization with AI

🔧 Microsoft outlined a set of agentic AI tools to speed migration and modernization across applications and data. GitHub Copilot now automates Java and .NET upgrades and end-to-end app modernization flows, while Azure Migrate adds AI-driven guidance, connected Copilot workflows, and broader application-awareness. The Azure Accelerate program pairs expert deployment support and funding to reduce friction and help teams move projects faster.

Microsoft Removes Windows 11 24H2 Safeguard Hold After Fix

🔧 Microsoft removed a compatibility hold that prevented devices with integrated cameras from installing Windows 11, version 24H2 after fixing a face/object detection bug that could cause the Camera app, Windows Hello facial sign-in, and other camera-using apps to freeze. The safeguard (ID 53340062) has been lifted; eligible devices with no other holds should be offered the update via Windows Update within 48 hours, and restarting may speed the offer. Microsoft recommends installing the latest security update, which includes the fix.

Microsoft: Updates Causing DRM Video Playback Issues

🎬 Microsoft confirmed a known issue that prevents some apps from playing DRM-protected video content or from displaying and recording live TV on Windows 11 24H2 systems after installing the August non-security preview update (KB5064081) or later. Applications using Enhanced Video Renderer with HDCP enforcement or DRM for digital audio may encounter copyright protection errors, frequent playback interruptions, freezing, or black screens. The vendor is working on a fix that will be delivered in a future Windows update.

Major EDR Vendors Withdraw from MITRE ATT&CK Tests

🔍 Three major cybersecurity vendors — Microsoft, SentinelOne and Palo Alto Networks — have declined to participate in the 2025 MITRE Engenuity ATT&CK Evaluations: Enterprise, citing a need to prioritize product development and innovation. Their exits, after strong 2024 performances, have sparked debate over the tests' scope and whether they encourage PR-driven preparation. MITRE says it will revive a vendor forum for 2026 to improve engagement.

Microsoft Fixes Entra ID Token Flaw Allowing Impersonation

🔒 Microsoft has patched a critical token validation failure in Entra ID (formerly Azure AD), tracked as CVE-2025-55241 and assigned a CVSS score of 10.0. The flaw combined misused service-to-service (S2S) actor tokens issued by the Access Control Service (ACS) with a validation gap in the legacy Azure AD Graph API that enabled cross-tenant impersonation, including Global Administrators. Microsoft released a fix on July 17, 2025 and said no customer action is required; there is no indication the issue was exploited in the wild. Security firms warned the vulnerability could bypass MFA, Conditional Access and logging, potentially enabling full tenant compromise.

Microsoft Rolls Out Gaming Copilot to Windows 11 PCs

🎮 Microsoft has begun a beta rollout of Gaming Copilot to Windows 11 PCs for users aged 18 and older outside mainland China. Integrated into the Game Bar via the Xbox PC app (Win+G), the assistant offers a Voice Mode for in‑game help, game recommendations, achievement checks and play‑history insights. Microsoft plans to push the feature to the Xbox mobile app on iOS and Android in October. Users can remove the widget from the Game Bar via Settings if they prefer.

Inside Fairwater: Microsoft's New Frontier AI Datacenter

🚀 Microsoft unveiled Fairwater, a purpose-built AI datacenter in Wisconsin and sister sites in Norway and the UK, designed to operate as a single, global-scale supercomputer. The facility deploys interconnected racks of NVIDIA GB200 servers (72 GPUs per rack) and claims 10× the performance of the world’s fastest supercomputer. It combines closed-loop liquid cooling, exabyte-scale storage and an AI WAN to enable distributed training and large-scale inference across Azure.

Microsoft Named Leader in 2025 Gartner IIoT Report

🔷 Microsoft was named a Leader in the 2025 Gartner Magic Quadrant for Global Industrial IIoT Platforms, highlighting its industrial cloud portfolio. Azure’s adaptive cloud—anchored by Azure IoT, Azure Arc, Azure Digital Twins, and Microsoft Fabric—is positioned to unify cloud-to-edge data, enable real‑time intelligence, and scale AI-driven operations. The platform emphasizes security with Microsoft Defender for IoT, Microsoft Sentinel, and Microsoft Entra, while enabling brownfield integration and partner-led solutions to accelerate industrial modernization.