< ciso
brief />
Tag Banner

All news with #microsoft tag

835 articles · page 40 of 42

Microsoft Patches 80 Flaws, Including SMB Elevation

🔒 Microsoft released fixes for 80 security flaws across its products, including one publicly disclosed SMB privilege-escalation issue (CVE-2025-55234). Eight flaws are rated Critical and 72 Important, with a high proportion of elevation-of-privilege bugs. The update also includes a CVSS 10.0 Azure Networking fix and new auditing options to help administrators assess Windows SMB signing and Extended Protection compatibility before hardening.
read more →

Two Zero-Days Among Microsoft Patch Tuesday Fixes This Month

⚠️ Microsoft released its monthly Patch Tuesday addressing 81 vulnerabilities, including two disclosed zero-days affecting SQL Server and SMB. The first, CVE-2024-21907, involves improper handling in Newtonsoft.Json used by SQL Server and can cause denial of service via deeply nested JSON. The second, CVE-2025-55234, is a remotely exploitable SMB elevation-of-privilege that can be mitigated by hardening features like SMB Server Signing and Extended Protection for Authentication; Microsoft also offers audit tools to check compatibility before enabling them.
read more →

Patch Tuesday: Critical SAP NetWeaver and Microsoft Fixes

🔔 CISOs with SAP NetWeaver AS Java deployments should urgently patch two critical flaws: CVE-2025-42944, a CVSS 10.0 insecure deserialization in the RMI-P4 module, and a CVSS 9.9 insecure file-upload vulnerability that can lead to full system compromise. As an immediate mitigation, admins can apply P4 port filtering at the ICM level until patches are installed. Microsoft released fixes for 13 critical bugs this month, including Hyper‑V guest-to-host escalation issues and an NTLM elevation flaw (CVE-2025-54918) marked Exploitation More Likely; teams should prioritize domain controllers and virtualization hosts.
read more →

Microsoft Patch Tuesday: September 2025 Security Fixes

🔒 Microsoft today released Patch Tuesday updates addressing more than 80 vulnerabilities across Windows and related products, including 13 rated critical. There are no known zero‑day or actively exploited flaws in this bundle, but Microsoft patched several high‑risk issues such as CVE-2025-54918 (Windows NTLM), CVE-2025-55234 (SMB client), and CVE-2025-54916 (NTFS). Researchers warn many fixes are for privilege‑escalation bugs — some remotely exploitable — and note that Apple and Google recently patched zero‑days in their platforms as well.
read more →

Microsoft September 2025 Patch Tuesday: 86 Fixes Guidance

🔒Microsoft released its September 2025 security update addressing 86 vulnerabilities across Windows, Office, DirectX, Hyper-V and related components. Microsoft reported no active in-the-wild exploitation but identified eight flaws where exploitation is more likely, including a network RCE in NTFS (CVE-2025-54916). Talos published Snort rules to detect attempts and recommends administrators prioritize patches and update IDS/IPS signatures promptly.
read more →

Windows 10 KB5065429 — 14 Fixes for UAC and NDI Issues

🔧Microsoft has released the KB5065429 cumulative update for Windows 10 22H2 and 21H2, delivering fourteen fixes and improvements, including remedies for unexpected UAC prompts and severe lag with NDI streaming software. This update is mandatory as it bundles the September 2025 Patch Tuesday security fixes, addressing two publicly disclosed zero-days and 81 additional vulnerabilities. Systems will update to build 19045.6332 (22H2) or 19044.6332 (21H2) and can be installed via Windows Update or the Microsoft Update Catalog. Microsoft reports no known issues with this release.
read more →

Microsoft Sep 2025 Patch Tuesday: 81 fixes, two zero-days

🔒 Microsoft released its September 2025 Patch Tuesday addressing 81 vulnerabilities, including two publicly disclosed zero-days affecting Windows SMB Server and the Newtonsoft.Json library bundled with SQL Server. The update bundle contains nine Critical fixes — five remote code execution issues — and a total of 41 elevation-of-privilege vulnerabilities across Windows, Azure, and related components. Administrators are advised to apply patches promptly, enable and test SMB Server signing and Extended Protection for Authentication, enable auditing to check compatibility, and ensure SQL Server receives the patched Newtonsoft.Json to mitigate the disclosed flaws.
read more →

Windows 11 September 2025 Updates KB5065426 & KB5065431

🔒 Microsoft has released cumulative updates KB5065426 (24H2) and KB5065431 (23H2) as the September 2025 Patch Tuesday rollup; these mandatory updates address security vulnerabilities and multiple reliability and UX issues. Install via Start > Settings > Windows Update or download from the Microsoft Update Catalog; Enterprise/Hotpatch systems receive KB5065474 reporting build 26100.6508. After updating, 24H2 moves to build 26100.6584 and 23H2 to build 226x1.5909, and Microsoft warns that support for 23H2 ends on November 11, 2025.
read more →

Microsoft anti-spam bug blocks URLs in Exchange, Teams

🔒 Microsoft is addressing a known anti-spam issue that has caused its service to incorrectly block URLs in Exchange Online and Microsoft Teams, and to quarantine some messages. The engine erroneously flags URLs embedded inside other URLs as malicious, creating alerts and preventing users from opening links that were already confirmed safe. Engineers deployed a fix to stop further quarantines and are unblocking over 6,000 affected URLs, but additional impacted links and residual message recovery remain under active remediation while a root cause analysis continues.
read more →

Microsoft Tests AI Actions in Windows 11 File Explorer

🤖 Microsoft is testing new AI actions in Windows 11 File Explorer that let users manipulate images and interact with files without opening them. Currently supported edits for JPG, JPEG, and PNG files include background removal, object erasure, background blur, and a reverse image search via Bing. Insiders on Canary Channel Build 27938 can access these tools from the right-click contextual menu. A new privacy control also shows which third-party apps have used Windows' generative AI models and lets users manage access.
read more →

September 2025 Patch Tuesday: Microsoft Vulnerabilities

🔔 Microsoft’s September 2025 update addresses 84 vulnerabilities, including two publicly disclosed zero-days and eight Critical issues. CrowdStrike’s analysis identifies elevation of privilege, remote code execution and information disclosure as the top exploitation vectors and notes many critical flaws require some user interaction. Key affected components include Windows, Extended Security Updates (ESU) and Microsoft Office, with notable CVEs in SMB, NTLM, Hyper-V and graphics subsystems. Organizations should prioritize patching, apply mitigations for unpatchable issues, and plan for Windows 10 end of support in October 2025.
read more →

GPUGate: Malware Uses Google Ads and GitHub Redirects

🔒 Cybersecurity researchers have disclosed a sophisticated malvertising campaign that leverages paid search ads and manipulated GitHub commit URLs to redirect victims to attacker-controlled infrastructure. The first-stage dropper is a bloated 128 MB MSI that evades many online sandboxes and employs a GPU-gated decryption routine dubbed GPUGate, which aborts on systems lacking a real GPU or proper drivers. The campaign uses a lookalike domain (gitpage[.]app) and a VBScript-to-PowerShell chain that gains admin privileges, adds Microsoft Defender exclusions, establishes persistence, and stages secondary payloads for data theft.
read more →

Amazon RDS Adds Latest Microsoft SQL Server GDR Updates

🔒 Amazon Relational Database Service (RDS) for Microsoft SQL Server now supports the latest General Distribution Release (GDR) updates for SQL Server 2016 SP3, 2017 CU31, 2019 CU32, and 2022 CU20. The supported RDS engine versions map to KB5063762, KB5063759, KB5063757, and KB5063814 respectively. These GDRs address vulnerabilities tracked as CVE-2025-49758, CVE-2025-24999, CVE-2025-49759, CVE-2025-53727, and CVE-2025-47954. We recommend that customers upgrade their RDS instances via the RDS Management Console, AWS SDK, or AWS CLI and follow the RDS SQL Server upgrade guidance.
read more →

Microsoft Gives Free One-Year 365 to U.S. Students

🎓 Microsoft is offering a free 12-month subscription to Microsoft 365 Personal for U.S. college students, including community college attendees, with the offer available through October 31, 2025. The subscription includes Word, Excel, PowerPoint, OneNote, and Outlook with the Copilot AI assistant, plus 1 TB of OneDrive storage and ransomware protection. Students must verify enrollment via a school email or documentation, and a 50% discount is available if they keep the plan after the first year. Microsoft also announced educator grants, community college certifications, AI training, and expanded Copilot access for U.S. schools.
read more →

August Windows updates trigger UAC prompts, block installs

⚠️ Microsoft says the August 2025 security updates are causing unexpected User Account Control (UAC) credential prompts and preventing application installations and MSI repair operations for non‑admin users across supported Windows client and server releases. The behavior stems from a patch addressing CVE-2025-50173, a Windows Installer privilege escalation vulnerability that now enforces elevated UAC prompts during MSI repair and related operations. Affected scenarios include MSI repair commands, ConfigMgr deployments relying on per‑user advertising, Secure Desktop enablement, and launching certain Autodesk applications. Microsoft plans a fix allowing admins to exempt specific apps and recommends running affected apps as administrator or applying a Known Issue Rollback via support as a temporary mitigation.
read more →

Amazon Disrupts APT29 Campaign Targeting Microsoft 365

🔒 Amazon disrupted an operation attributed to the Russian state-sponsored group APT29 that used watering-hole compromises to target Microsoft 365 accounts. The attackers injected obfuscated JavaScript into legitimate sites to redirect roughly 10% of visitors to fake Cloudflare verification pages and then into a malicious Microsoft device code authentication flow. Amazon isolated attacker EC2 instances and worked with Cloudflare and Microsoft to take down identified domains; the campaign did not affect Amazon's infrastructure.
read more →

Amazon Thwarts APT29 Watering Hole Targeting Microsoft

🔒 Amazon’s threat intelligence team disrupted a watering hole attack attributed to the Russian state‑linked group APT29 that attempted to abuse Microsoft device code authentication flows. Compromised websites injected JavaScript that redirected about 10% of visitors to attacker-controlled domains mimicking Cloudflare verification pages. Amazon reported no AWS service compromise; attackers used evasion techniques and quickly rotated infrastructure.
read more →

Microsoft Fixes Bug Causing Certificate Enrollment Errors

🔧 Microsoft has addressed a known issue that produced false CertificateServicesClient (CertEnroll) error events after the July 2025 non-security preview (KB5062660) and subsequent Windows 11 24H2 updates. The events referenced the Microsoft Pluton Cryptographic Provider not being loaded but were benign and caused by a partially integrated feature still under development. The fix is rolling out automatically and requires no user action.
read more →

Microsoft to Enforce MFA for Azure Resource Management

🔐 Starting October 1, 2025, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect tenants from unauthorized access. The change, part of its Secure Future Initiative, will be rolled out gradually across public cloud tenants and covers Azure CLI, PowerShell, SDKs, REST APIs, IaC tools, the Azure mobile app, and automation that uses user identities. To prevent disruptions Microsoft recommends updating Azure CLI to 2.76+ and Azure PowerShell to 14.3+; global administrators may postpone enforcement until July 2026.
read more →

Microsoft: August KB5063878 not tied to SSD failures

🔍 Microsoft says its August 2025 security update, KB5063878, is not connected to recent reports of SSD and HDD failures. After internal testing and telemetry analysis, Redmond said it could not reproduce the corruption or drive losses and found no increase in disk failures following the Windows 11 24H2 update. Microsoft is working with storage partners and controller vendors and will continue to monitor customer feedback while investigating any new reports.
read more →