Tag: microsoft
602 articles
Microsoft Fixes Firmware Flaw in Surface Devices That Allowed Bricking via Single Packet
A security researcher discovered that a routine attempt to adjust the backlight on a Surface laptop turned into a nightmare when Microsoft Copilot generated a Python script that overwrote the embedded controller firmware, rendering the machine useless. The script sent faulty commands to the device's microcontroller, highlighting a serious firmware flaw that Microsoft has now fixed.
Microsoft Resolves Windows Update Failures Tied to WUSA Installer
Microsoft has fixed a frustrating issue with Windows updates, where installations using the Windows Update Standalone Installer (WUSA) were failing with an ERROR_BAD_PATHNAME error when run from a network share with multiple update files. This fix should bring relief to admins who've struggled with update failures.
New Exploit Bypasses Windows BitLocker via Recovery Partition Files
A security researcher stumbled upon a shocking new exploit, dubbed GreatXML, that bypasses Windows BitLocker in just 4 hours - and it's connected to the Windows Defender Offline Scan feature. If you've ever used this scan, you may be vulnerable to this alarming BitLocker bypass.
Microsoft Zero-Day Exploit Bypasses BitLocker Encryption
A security researcher known as Nightmare Eclipse has made a startling discovery, unveiling exploit code called GreatXML that can bypass Microsoft's BitLocker encryption on systems that have run a Microsoft Defender Offline scan. This accidental find took just four hours to uncover, leaving many to wonder about potential vulnerabilities.
Microsoft Resolves BitLocker Recovery Bug in Windows Server 2025 Update
Microsoft has fixed a frustrating bug in the April 2026 security update for Windows Server 2025 that could have forced devices into BitLocker recovery mode, and the solution is now available in two cumulative updates, KB5094125 and KB5093998. This fix ensures a smoother experience for users by preventing unexpected BitLocker recovery key prompts.
Microsoft Fixes Zero-Day Flaw in Exchange Server Exploited in Attacks
Microsoft has patched a high-severity flaw in Exchange Server, known as CVE-2026-42897, which allowed hackers to execute malicious JavaScript in victims' browsers simply by sending a specially crafted email. This zero-day vulnerability was actively exploited in attacks, putting Outlook Web Access users at risk.
Microsoft Warns of Windows Update Failures After 11 Upgrades
Beware: if you've upgraded to the latest Windows 11 versions, you might be at risk of update failures, with error codes 0x80073712 or 0x800f0993 popping up when trying to install crucial security patches. Microsoft warns that a small percentage of devices are affected, so it's essential to check your update history and logs to catch any issues.
Microsoft Patch Tuesday Disrupts 206 Vulnerabilities, Including Zero-Days
Microsoft just dropped a massive Patch Tuesday update, fixing a record 206 security vulnerabilities in its software - including three already publicly known flaws - to keep your digital world safe and secure. This critical update tackles a wide range of threats, from remote code execution and privilege escalation to spoofing and more.
Microsoft Fixes Zero-Days in June Patch Tuesday Update
Microsoft just dropped some critical patches in its June update, fixing three zero-day vulnerabilities that left Windows systems open to attacks - and one security researcher isn't happy about the delayed fix. The update squashes bugs that allowed hackers to escalate privileges or bypass disk encryption.
Microsoft Unveils Record 200 Patches, Warns of Rising AI-Driven Flaws
Microsoft just dropped a record 200 security patches to fix critical flaws in Windows and supported software, with nearly three dozen vulnerabilities rated as critical and at least three already being exploited by hackers. This massive update signals a new normal in vulnerability disclosure, with AI-driven flaws on the rise.
Microsoft Patch Tuesday Disrupts 200 Vulnerabilities, Zero-Day Exploits
Microsoft's June Patch Tuesday update is a doozy, tackling a whopping 200 vulnerabilities, including three zero-day exploits and 33 critical flaws that could lead to remote code execution. This crucial update aims to prevent a range of issues, from denial-of-service attacks to elevation of privilege and information disclosure.
Microsoft Patch Tuesday Release Sets Record with 206 CVEs Addressed
Microsoft just dropped a record-breaking Patch Tuesday update, fixing a whopping 206 vulnerabilities across its products - including 38 critical ones. This massive release surpasses previous months and confirms a trend towards larger updates, raising both relief and concern among security experts.
Microsoft Patch Tuesday Update Sets Record with 206 Vulnerabilities Fixed
Microsoft just dropped a record-breaking Patch Tuesday update, fixing a staggering 206 vulnerabilities in a single swoop - a move that's both impressive and concerning. This massive update is part of a larger trend, with nearly half of this year's patches containing triple-digit numbers of fixes.
Microsoft Bolsters Windows 10 with Extended Security Update
Microsoft just dropped a vital update for Windows 10 users, packed with critical security fixes, including patches for 200 vulnerabilities and three zero-day flaws. If you're running Windows 10 Enterprise LTSC or are part of the Extended Security Updates program, you can easily grab the update by checking for new updates in your Windows Update settings.
Microsoft Patch Tuesday Discloses 3 Zero-Day Flaws Amid 200 Security Fixes
Microsoft just dropped its June Patch Tuesday update, tackling a whopping 200 security flaws, including three zero-day vulnerabilities that need urgent attention. This massive release is a must-address for all organizations running Microsoft software.
Microsoft Releases June 2026 Patch Tuesday Updates for Windows 11
Stay ahead of security threats with the latest Windows 11 updates, as Microsoft releases its June 2026 Patch Tuesday updates to fix several vulnerabilities and keep your system protected. Simply head to Settings > Windows Update to install the update and ensure your device is secure.
Microsoft Probes Miasma Campaign as GitHub Repos Remain Offline
Microsoft swiftly took action to safeguard its customers and the broader ecosystem by temporarily removing some GitHub repositories while investigating a software supply chain intrusion. The company has since restored some, but others remain offline as the probe continues.
GitHub Disrupts Microsoft Repos Hosting Password-Stealing Malware
In a lightning-fast response, GitHub and Microsoft swiftly contained a malware incident on June 5, removing 73 repositories and restoring disrupted developer workflows in a mere 105 seconds. The quick takedown prevented password-stealing malware from causing further harm, showcasing the companies' commitment to protecting their platforms.
Miasma Worm Exposes GitHub Repositories in Supply Chain Attack
A sneaky Miasma worm has infiltrated 73 Microsoft GitHub repositories, putting countless projects at risk in a self-replicating supply chain attack. This malicious campaign is a stark reminder of the rapidly evolving threats lurking in the shadows of our digital supply chains.
GitHub Disrupts Microsoft Repos Amid Suspected Worm Infections
GitHub took drastic action, removing over 70 Microsoft repositories and disrupting critical code pipelines, after detecting suspected worm infections. This swift move has left many automated builds and deployments in limbo.
Microsoft Unveils Intelligent Terminal, AI-Powered Windows Tool
Meet Intelligent Terminal, your new coding sidekick that helps you squash errors, craft commands, and troubleshoot issues without ever leaving Windows Terminal. This AI-powered assistant is like having a expert developer by your side, always aware of what's happening and ready to lend a hand.
Miasma Worm Targets Microsoft GitHub Repositories in Supply Chain Attack
GitHub has taken swift action, disabling access to 73 Microsoft repositories across four organizations after a sneaky supply chain attack by the Miasma Worm compromised code on the platform. The disruption was triggered when the malware targeted Microsoft's GitHub repositories, prompting site-wide warnings and restricted access.
Microsoft Revives Vulnerability Disclosure Debate with Researcher Crackdown
Microsoft is stirring up controversy in the vulnerability disclosure debate, clashing with a security researcher over the responsible handling of zero-day vulnerabilities. The tech giant's strong response, including threats of legal action, has sparked heated discussion on coordinated disclosure.
Microsoft Warns AI Adoption Exposes Organizations to New Malware Threats
Microsoft's senior security researcher warns that the AI tools making our jobs easier can also be exploited by threat actors, highlighting a new and urgent risk for organizations to manage. As AI adoption grows, companies must recognize it as both a valuable asset and a potential attack surface that requires careful protection.