All news with #microsoft tag

🔍 Senator Ron Wyden has asked the Federal Trade Commission to investigate Microsoft for what he describes as "gross cybersecurity negligence" that he says facilitated ransomware attacks on U.S. critical infrastructure, including healthcare. Wyden's four-page letter to FTC Chair Andrew Ferguson cites the 2024 Ascension breach attributed to Black Basta and details an attack chain that began when a contractor clicked a malicious link after using Microsoft's Bing search. The senator highlights exploitation of insecure default Kerberos settings and legacy RC4 support enabling Kerberoasting, and criticizes Microsoft for not enforcing stronger defaults and minimum password requirements while noting the company's published mitigations and planned deprecations.

🚨 Senator Ron Wyden has asked the FTC to investigate Microsoft for what he calls "gross cybersecurity negligence," arguing insecure defaults enabled widespread ransomware attacks. He cites the February 2024 Ascension Health breach that exposed 5.6 million patient records and describes how a single click enabled lateral movement via Kerberoasting and lingering RC4 support. Wyden criticizes Microsoft for building a >$20 billion security business of add-on protections while leaving core products vulnerable and says promised fixes and plain-language guidance were inadequate. The letter warns this pattern poses national-security and industry-wide risks.

🎉 Microsoft announced that, starting today, individual Windows developers can publish applications to the Microsoft Store without paying registration fees. The policy covers Win32 (including .NET WPF and WinForms), UWP, PWA, .NET MAUI, and Electron apps; Microsoft will host MSIX-packaged binaries, sign apps for free, and pay for distribution so developers don't need their own CDN. Developers of non-gaming apps may also implement their own in-app payment systems and retain all revenue. To publish, creators sign in with a personal Microsoft account and must verify identity with a government ID and a selfie; no credit card is required.

🔧 Microsoft has resolved severe lag and stuttering issues affecting NDI streaming on Windows 10 and Windows 11 that appeared after the August 2025 cumulative security updates. The root cause was tied to KB5063878 and KB5063709 and manifested as dropped NDI traffic and degraded performance specifically over RUDP connections, while UDP and Single-TCP streams were unaffected. On September 9, 2025, Microsoft released fixes (KB5065426 and KB5065429) and recommends applying those updates; NDI also published a temporary workaround to switch Receive Mode to Single TCP or UDP in the NDI Tools Access Manager for systems that cannot immediately update.

🔧 Microsoft has issued a fix for an August 2025 update that caused unexpected User Account Control (UAC) prompts and blocked MSI app installations for non-administrative users across multiple Windows client and server releases. The behavior resulted from a security patch addressing CVE-2025-50173, which introduced broader elevation checks to mitigate privilege escalation. Microsoft’s September 2025 update narrows when UAC is required for MSI repairs and lets IT administrators add specific MSI packages to an allowlist via new SecureRepairPolicy and SecureRepairWhitelist registry keys. The company also resolved a separate bug that caused severe lag and stuttering in NDI streaming software on Windows 10 and Windows 11.

🔒 Microsoft released fixes for 80 security flaws across its products, including one publicly disclosed SMB privilege-escalation issue (CVE-2025-55234). Eight flaws are rated Critical and 72 Important, with a high proportion of elevation-of-privilege bugs. The update also includes a CVSS 10.0 Azure Networking fix and new auditing options to help administrators assess Windows SMB signing and Extended Protection compatibility before hardening.

⚠️ Microsoft released its monthly Patch Tuesday addressing 81 vulnerabilities, including two disclosed zero-days affecting SQL Server and SMB. The first, CVE-2024-21907, involves improper handling in Newtonsoft.Json used by SQL Server and can cause denial of service via deeply nested JSON. The second, CVE-2025-55234, is a remotely exploitable SMB elevation-of-privilege that can be mitigated by hardening features like SMB Server Signing and Extended Protection for Authentication; Microsoft also offers audit tools to check compatibility before enabling them.

🔔 CISOs with SAP NetWeaver AS Java deployments should urgently patch two critical flaws: CVE-2025-42944, a CVSS 10.0 insecure deserialization in the RMI-P4 module, and a CVSS 9.9 insecure file-upload vulnerability that can lead to full system compromise. As an immediate mitigation, admins can apply P4 port filtering at the ICM level until patches are installed. Microsoft released fixes for 13 critical bugs this month, including Hyper‑V guest-to-host escalation issues and an NTLM elevation flaw (CVE-2025-54918) marked Exploitation More Likely; teams should prioritize domain controllers and virtualization hosts.

🔒 Microsoft today released Patch Tuesday updates addressing more than 80 vulnerabilities across Windows and related products, including 13 rated critical. There are no known zero‑day or actively exploited flaws in this bundle, but Microsoft patched several high‑risk issues such as CVE-2025-54918 (Windows NTLM), CVE-2025-55234 (SMB client), and CVE-2025-54916 (NTFS). Researchers warn many fixes are for privilege‑escalation bugs — some remotely exploitable — and note that Apple and Google recently patched zero‑days in their platforms as well.

🔒Microsoft released its September 2025 security update addressing 86 vulnerabilities across Windows, Office, DirectX, Hyper-V and related components. Microsoft reported no active in-the-wild exploitation but identified eight flaws where exploitation is more likely, including a network RCE in NTFS (CVE-2025-54916). Talos published Snort rules to detect attempts and recommends administrators prioritize patches and update IDS/IPS signatures promptly.

🔧Microsoft has released the KB5065429 cumulative update for Windows 10 22H2 and 21H2, delivering fourteen fixes and improvements, including remedies for unexpected UAC prompts and severe lag with NDI streaming software. This update is mandatory as it bundles the September 2025 Patch Tuesday security fixes, addressing two publicly disclosed zero-days and 81 additional vulnerabilities. Systems will update to build 19045.6332 (22H2) or 19044.6332 (21H2) and can be installed via Windows Update or the Microsoft Update Catalog. Microsoft reports no known issues with this release.

🔒 Microsoft released its September 2025 Patch Tuesday addressing 81 vulnerabilities, including two publicly disclosed zero-days affecting Windows SMB Server and the Newtonsoft.Json library bundled with SQL Server. The update bundle contains nine Critical fixes — five remote code execution issues — and a total of 41 elevation-of-privilege vulnerabilities across Windows, Azure, and related components. Administrators are advised to apply patches promptly, enable and test SMB Server signing and Extended Protection for Authentication, enable auditing to check compatibility, and ensure SQL Server receives the patched Newtonsoft.Json to mitigate the disclosed flaws.

🔒 Microsoft has released cumulative updates KB5065426 (24H2) and KB5065431 (23H2) as the September 2025 Patch Tuesday rollup; these mandatory updates address security vulnerabilities and multiple reliability and UX issues. Install via Start > Settings > Windows Update or download from the Microsoft Update Catalog; Enterprise/Hotpatch systems receive KB5065474 reporting build 26100.6508. After updating, 24H2 moves to build 26100.6584 and 23H2 to build 226x1.5909, and Microsoft warns that support for 23H2 ends on November 11, 2025.

🔒 Microsoft is addressing a known anti-spam issue that has caused its service to incorrectly block URLs in Exchange Online and Microsoft Teams, and to quarantine some messages. The engine erroneously flags URLs embedded inside other URLs as malicious, creating alerts and preventing users from opening links that were already confirmed safe. Engineers deployed a fix to stop further quarantines and are unblocking over 6,000 affected URLs, but additional impacted links and residual message recovery remain under active remediation while a root cause analysis continues.

🤖 Microsoft is testing new AI actions in Windows 11 File Explorer that let users manipulate images and interact with files without opening them. Currently supported edits for JPG, JPEG, and PNG files include background removal, object erasure, background blur, and a reverse image search via Bing. Insiders on Canary Channel Build 27938 can access these tools from the right-click contextual menu. A new privacy control also shows which third-party apps have used Windows' generative AI models and lets users manage access.

🔔 Microsoft’s September 2025 update addresses 84 vulnerabilities, including two publicly disclosed zero-days and eight Critical issues. CrowdStrike’s analysis identifies elevation of privilege, remote code execution and information disclosure as the top exploitation vectors and notes many critical flaws require some user interaction. Key affected components include Windows, Extended Security Updates (ESU) and Microsoft Office, with notable CVEs in SMB, NTLM, Hyper-V and graphics subsystems. Organizations should prioritize patching, apply mitigations for unpatchable issues, and plan for Windows 10 end of support in October 2025.

🔒 Cybersecurity researchers have disclosed a sophisticated malvertising campaign that leverages paid search ads and manipulated GitHub commit URLs to redirect victims to attacker-controlled infrastructure. The first-stage dropper is a bloated 128 MB MSI that evades many online sandboxes and employs a GPU-gated decryption routine dubbed GPUGate, which aborts on systems lacking a real GPU or proper drivers. The campaign uses a lookalike domain (gitpage[.]app) and a VBScript-to-PowerShell chain that gains admin privileges, adds Microsoft Defender exclusions, establishes persistence, and stages secondary payloads for data theft.

🔒 Amazon Relational Database Service (RDS) for Microsoft SQL Server now supports the latest General Distribution Release (GDR) updates for SQL Server 2016 SP3, 2017 CU31, 2019 CU32, and 2022 CU20. The supported RDS engine versions map to KB5063762, KB5063759, KB5063757, and KB5063814 respectively. These GDRs address vulnerabilities tracked as CVE-2025-49758, CVE-2025-24999, CVE-2025-49759, CVE-2025-53727, and CVE-2025-47954. We recommend that customers upgrade their RDS instances via the RDS Management Console, AWS SDK, or AWS CLI and follow the RDS SQL Server upgrade guidance.

🎓 Microsoft is offering a free 12-month subscription to Microsoft 365 Personal for U.S. college students, including community college attendees, with the offer available through October 31, 2025. The subscription includes Word, Excel, PowerPoint, OneNote, and Outlook with the Copilot AI assistant, plus 1 TB of OneDrive storage and ransomware protection. Students must verify enrollment via a school email or documentation, and a 50% discount is available if they keep the plan after the first year. Microsoft also announced educator grants, community college certifications, AI training, and expanded Copilot access for U.S. schools.

⚠️ Microsoft says the August 2025 security updates are causing unexpected User Account Control (UAC) credential prompts and preventing application installations and MSI repair operations for non‑admin users across supported Windows client and server releases. The behavior stems from a patch addressing CVE-2025-50173, a Windows Installer privilege escalation vulnerability that now enforces elevated UAC prompts during MSI repair and related operations. Affected scenarios include MSI repair commands, ConfigMgr deployments relying on per‑user advertising, Secure Desktop enablement, and launching certain Autodesk applications. Microsoft plans a fix allowing admins to exempt specific apps and recommends running affected apps as administrator or applying a Known Issue Rollback via support as a temporary mitigation.