< ciso
brief />
Tag Banner

All news with #microsoft tag

835 articles · page 4 of 42

Microsoft issues record June 2026 security fixes

🛡️ Microsoft released fixes for a record 206 security vulnerabilities in June 2026, including three publicly disclosed flaws. The update covers 39 Critical and 167 Important issues, spanning privilege escalation, RCE, information disclosure, spoofing, and more, and includes two non-Microsoft CVEs and numerous Chromium fixes affecting Edge. Notable patched bugs include a Windows Kernel use-after-free (CVE-2026-45657), HTTP.sys and DHCP client RCEs, and several BitLocker bypasses addressed after public PoCs.
read more →

Microsoft fixes 200 CVEs in June Patch Tuesday

🛡️ Microsoft released June Patch Tuesday updates addressing 200 vulnerabilities, including three publicly disclosed zero-days. The release fixed 33 critical CVEs — mostly remote code execution bugs — and a large share of elevation-of-privilege issues. Notable fixes include the HTTP/2 Bomb DoS (CVE-2026-49160), a BitLocker bypass (CVE-2026-50507), and a CTFMON elevation-of-privilege flaw (CVE-2026-45586). Administrators are advised to prioritize patches for several high-risk RCE and EoP bugs affecting Windows components like Win32K, Remote Desktop, DHCP client, and Hyper-V.
read more →

Proof-of-Concept for Defender RoguePlanet Zero-Day

🛡️ An anonymous researcher known as Chaotic Eclipse published a proof-of-concept for a Microsoft Defender zero-day dubbed RoguePlanet, a race-condition exploit that can yield SYSTEM-level shells on Windows 10 and 11 with June 2026 patches. The PoC is inconsistent across systems and currently fails on Windows Server due to ISO mounting restrictions. The disclosure follows prior Defender flaws from the same researcher and a public conflict with Microsoft over coordinated disclosure and account revocation.
read more →

Record-breaking June 2026 Patch Tuesday updates

🚨 Microsoft released fixes addressing nearly 200 vulnerabilities in its June 2026 Patch Tuesday, the largest monthly tally to date, with almost three dozen rated critical and public exploit code for at least three flaws. Multiple zero-days were patched, including CVE-2026-49160 affecting IIS and CVE-2026-50507 for BitLocker, with some reports tied to researcher "Nightmare Eclipse." Microsoft and other vendors noted rising use of AI in vulnerability discovery and unusually high browser flaw counts this month.
read more →

Microsoft June 2026 Patch Tuesday: Key Fixes

🛡️ Microsoft released its June 2026 security update addressing 206 vulnerabilities, including 32 marked critical. Talos highlights multiple RCEs across Windows components, Office, Azure services, and other products, and calls out several vulnerabilities as more likely to be exploited. Cisco Talos published Snort 2 and Snort 3 rules to detect exploitation attempts and urges customers to update rule packs promptly.
read more →

Microsoft issues Windows 10 KB5094127 update

🔒 Microsoft released the Windows 10 KB5094127 Extended Security Update, which applies June 2026 Patch Tuesday fixes and adds functionality to monitor the rollout of renewed Secure Boot certificates. The update brings Windows 10 to build 19045.7417 and Windows 10 Enterprise LTSC 2021 to build 19044.7417, and is available to Enterprise LTSC and ESU-enrolled systems via Windows Update. It also improves File Explorer search, enables dynamic Secure Boot status reporting, introduces the LimitSecureBootRequiredServiceData policy, and expands targeted delivery of new Secure Boot certificates. Microsoft warns of a known BitLocker recovery prompt issue for certain TPM/PCR7 and Secure Boot configurations and suggests a temporary Group Policy workaround while a permanent fix is prepared.
read more →

Microsoft June 2026 Patch Tuesday fixes 200 flaws

🛡️ Microsoft released its June 2026 Patch Tuesday addressing 200 vulnerabilities, including three publicly disclosed zero-day flaws. The update includes 33 Critical issues — 28 of them remote code execution — and a broad mix of elevation of privilege, information disclosure, spoofing, and DoS bugs. Microsoft also provided mitigations and new settings, such as MaxHeadersCount for HTTP/2, and highlighted that some fixes were issued earlier for cloud and Edge components.
read more →

Microsoft June 2026 Patch Tuesday: 200 Flaws Fixed

🛡️ Microsoft released its June 2026 Patch Tuesday addressing 200 vulnerabilities, including five publicly disclosed zero-days and one actively exploited flaw. The updates cover 33 Critical issues, with numerous RCE, elevation of privilege, information disclosure, and other vulnerabilities across Windows, Exchange, BitLocker, HTTP/2 and more. Microsoft also provided mitigations and new settings such as a MaxHeadersCount registry key for HTTP/2.
read more →

Reconstructing AI activity for investigations

🔍 Microsoft outlines a structured approach to investigate AI interactions across Microsoft 365 Copilot and Azure AI services, emphasizing telemetry from Purview, Defender, and Sentinel. The new investigator playbook follows a scope–context–signal methodology to identify who interacted with AI systems, what resources were accessed, and when events occurred. It operationalizes detection logic, KQL queries, and schema references to help response teams build coherent investigative narratives and assess impact.
read more →

Windows 11 June 2026 Cumulative Updates Released

🔔 Microsoft released Windows 11 cumulative updates KB5094126 and KB5093998 for 25H2/24H2 and 23H2 on Patch Tuesday, delivering security fixes, bug patches, and new features. The updates change build numbers and add capabilities like Shared Audio and expanded Xbox mode, plus Task Manager NPU visibility and Multi‑App Camera. Install via Settings > Windows Update or the Microsoft Update Catalog for the June 2026 security rollup.
read more →

Claude Fable 5 in Microsoft Foundry Empowers Agents

🤖 Microsoft has integrated Anthropic’s Claude Fable 5 into Foundry, bringing Mythos-level capabilities to GitHub Copilot and Foundry Agent Service with enterprise-grade safeguards. The model excels at long-running, multi-stage tasks—code refactors, deep research, and document-heavy workflows—while Foundry adds governance, observability, and deployment controls. Combined with Microsoft IQ, Fable 5 can reason across organizational data and applications to support production-grade autonomous agents.
read more →

Claude Fable 5 Joins Microsoft Foundry for Agents

🚀 Claude Fable 5 is now available in Microsoft Foundry, powering agents across GitHub Copilot and the Foundry Agent Service to tackle long-running, multi-stage tasks such as complex refactoring, research synthesis, and document-heavy workflows. Foundry adds enterprise-grade security, governance, and operational controls to help organizations evaluate, deploy, and scale autonomous systems in production. Anthropic and Microsoft combine safeguards, guided guardrails, and observability to support responsible use while enabling powerful multimodal reasoning and continuous agent improvement.
read more →

Security shifts to the human layer as AI scams surge

🛡️ Microsoft and Google warn that cybercriminals are repurposing familiar social-engineering tactics around AI tools and trusted cloud services, impersonating platforms like ChatGPT, Copilot, and Claude to distribute malware, steal credentials, and run investment scams. Both advisories note attackers rely on longstanding techniques—urgency, trusted-brand abuse, and redirection chains—while adapting lures to where AI is embedded in daily workflows. The trend shifts the threat surface from code to employee behavior, demanding resilience beyond blocking single phishing campaigns.
read more →

Microsoft Teams Phishing Risks and Mitigations

🛡️ This Unit 42 report examines how threat actors use Microsoft Teams to impersonate IT staff, leveraging external chat and compromised or typosquatted accounts to phish employees. It outlines real-world incidents, explains how permissive federation and external chat settings widen the attack surface, and emphasizes that identity systems are the ultimate target. The article recommends tighter configuration, identity-centric controls, monitoring, and updated user training.
read more →

VS Code introduces two‑hour extension update delay

🔒 Microsoft will delay automatic extension updates in Visual Studio Code by two hours to reduce exposure to potentially compromised releases. The feature, available in VS Code 1.123, allows immediate manual updates via the "Update" button and shows reasons and scheduled times for pending updates. Trusted publishers such as Microsoft, GitHub, and OpenAI are exempt and continue to update immediately. The change follows similar cooldown controls added across package managers to curb software supply chain threats.
read more →

Hands-on: Microsoft’s Intelligent Terminal for Windows

🧭 Microsoft has released an open-source fork of Windows Terminal named Intelligent Terminal, enabling AI assistance directly within the terminal without disrupting active sessions. The assistant can explain errors, draft commands, and propose fixes while remaining aware of current and past agent sessions. Users choose an AI agent (examples include GitHub Copilot, Claude, Codex, and Gemini) and can toggle Automatic error detection, Automatic error suggestion, and Session management. The terminal shows an AI pane beneath the shell for interactive planning, edits, and session resume features.
read more →

Miasma worm compromises 73 Microsoft GitHub repos

🛡️ Microsoft's GitHub organizations — including Azure, Azure-Samples, Microsoft, and MicrosoftDocs — were hit by the self-replicating Miasma supply chain campaign that affected 73 repositories, prompting GitHub to disable access. The incident notably re-compromised the durabletask package previously infected by TeamPCP, suggesting lingering credential exposure. Miasma, a variant of the Mini Shai-Hulud worm, has mutated rapidly and pushed malicious payloads both to registries and directly to GitHub source repos, leveraging AI coding tools and developer workflows to execute payloads. Security firms warn the campaign exploits trust in maintainers and signing rather than platform vulnerabilities, allowing widespread propagation across the open-source ecosystem.
read more →

Microsoft lists seven new agentic AI failure modes

🔍 Microsoft has expanded its Taxonomy of Failure Modes in Agentic AI Systems with seven newly identified ways agentic AI can be compromised. The update cites rapid adoption, maturation of the Model Context Protocol (MCP) ecosystem, proliferation of computer-use agents, and increased empirical evidence as drivers. New failure modes include supply chain compromise, goal hijacking, inter-agent trust escalation, visual attacks on CUAs, session context contamination, MCP/plugin abuse, and capability disclosure. Microsoft recommends inventorying agent supply chains, issuing cryptographic attestations, adding these modes to red-team exercises, and auditing human-in-the-loop controls.
read more →

Updated Taxonomy of Agentic AI Failure Modes

🔎 The Microsoft AI Red Team released a v2.0 update to the Taxonomy of Failure Modes in Agentic AI Systems, grounded in twelve months of red team engagements and operational data. The revision adds seven new failure mode categories—such as agentic supply chain compromise, goal hijacking, and visual attacks against computer-use agents—expands mitigations, and emphasizes supply chain, zero‑trust, and session hardening.
read more →

Microsoft warns on AI-enabled malware risks

🔒 Microsoft’s Detection and Response Team (DART) warns that AI adoption has introduced new attack surfaces, with threat actors weaponizing AI tools in social engineering and supply chains. A highlighted campaign, ‘JustAskJacky’, disguised a malicious AI assistant that installed a Java backdoor and persistence tasks. Experts urge organisations to assess nonstandard AI apps, enforce security reviews, and make AI risk a board-level priority.
read more →