Geek-Guy.com

Tag: Microsoft

AI, Compliance, Global Security News

Microsoft: Phishing campaign used fake compliance notices to compromise employee accounts

Phishers have been using fake workplace compliance notices to try to trick Microsoft account owners into signing in via a fake sign-in page, says the company’s Defender Research team. The email campaign targeted more than 35,000 users across 13,000 organizations in 26 countries, but concentrated primarily on targets in the United States. Microsoft didn’t say…

Read more →

AI, Apps, Cybersecurity, Global Security News, privacy, Risk Management

Microsoft, Google push AI agent governance into enterprise IT mainstream

Microsoft and Google are adding new controls for AI agents, as enterprise IT teams try to keep up with tools that can access corporate data and act across business applications. Microsoft’s Agent 365, made generally available for commercial customers on May 1, is designed to help organizations discover, govern, and secure AI agents, including those…

Read more →

AI, Global Security News

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to attacker-controlled domains and steal authentication tokens. The multi-stage campaign, observed between April 14 and 16, 2026, targeted more than 35,000 users across over 13,000 organizations in 26…

Read more →

AI, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management

Microsoft Defender Flags DigiCert Certificates as Malware 

A recent Microsoft Defender update incorrectly flagged legitimate DigiCert root certificates as malware, triggering widespread alerts.  In some cases, it also removed trusted certificates from Windows systems, causing disruption.  “Earlier today we determined false positive alerts were mistakenly triggered and updated the alert logic,” Microsoft said, as reported by BleepingComputer.   Inside the DigiCert False Positive…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Risk Management, Russia

Windows shell spoofing vulnerability puts sensitive data at risk

Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) have sounded the alarm about a Windows shell spoofing vulnerability that is already being exploited by attackers. It is not clear by whom as yet, but the main suspects are hackers in Russia. CISA has mandated that all federal agencies patch this vulnerability, designated CVE-2026-32202, by…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Risk Management, Russia

Windows shell spoofing vulnerability puts sensitive data at risk

Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) have sounded the alarm about a Windows shell spoofing vulnerability that is already being exploited by attackers. It is not clear by whom as yet, but the main suspects are hackers in Russia. CISA has mandated that all federal agencies patch this vulnerability, designated CVE-2026-32202, by…

Read more →

AI, APAC, Compliance, Europe, Global Security News, Risk Management

AWS, Microsoft, & Google Cloud Converge Around AI-Led Growth

The “big three” hyperscalers, Amazon Web Services (AWS), Microsoft, and Google Cloud, have been especially active over the past 12 months, operating both as suppliers of in-demand data center capacity for AI model developers and as builders of their own models, services, and tools. While each has historically leaned into distinct strengths and target markets,…

Read more →

Global Security News

The Exchange Online security controls organizations keep getting wrong

In this Help Net Security interview, Scott Schnoll, Microsoft MVP for Exchange, breaks down the Shared Responsibility Model, where Microsoft secures the cloud while organizations must protect their own data, identities, and configurations. The discussion covers default settings worth changing tomorrow, including legacy protocols like SMTP AUTH that survive due to printer, scanner, and ERP…

Read more →

AI, Global Security News

Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover

An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according to new findings from Silverfort. Agent ID Administrator is a privileged built-in role introduced by Microsoft as part of its agent identity platform to handle all aspects of an AI agent’s identity lifecycle…

Read more →

AI, Cybersecurity, Global Security News

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code) extensions on the Open VSX repository that are linked to a persistent information-stealing campaign dubbed GlassWorm. The cluster of 73 extensions has been identified as cloned versions of their legitimate counterparts. Of these, six have been confirmed to be malicious, with the remaining…

Read more →

AI, APAC, Global Security News, Risk Management

Microsoft to offer voluntary retirement buyouts to about 7% of the US workforce

Microsoft will offer voluntary retirement buyouts to about 7% of its US workforce, or roughly 8,750 employees, in the first such program in the company’s 51-year history, as the technology industry restructures under the cost pressure of AI investment. The program, available to US-based employees at the senior director level and below, comes as large…

Read more →

AI, Apps, Global Security News

Microsoft Pushes Partners Deeper Into Copilot and AI Tools

Microsoft is expanding its AI channel strategy with new partner benefits, updated recognition programs, and additional tooling to accelerate enterprise adoption of Copilot, security, and agent-based offerings.  The moves show how the company is trying to turn strong AI demand into a more repeatable partner-led sales and services motion. Microsoft posts strong earnings across cloud…

Read more →

AI, Apps, Exploits, Global Security News, Risk Management

CVE-2026-40372: Critical ASP.NET Core Flaw May Let Attackers Gain SYSTEM Privileges

Microsoft has released out-of-band updates for CVE-2026-40372, a high-impact ASP.NET Core privilege-escalation vulnerability tied to the platform’s Data Protection cryptographic APIs. Public reporting says the flaw carries a CVSS score of 9.1 and could allow an unauthenticated attacker to forge authentication material and ultimately obtain SYSTEM privileges on affected systems. The issue stands out not…

Read more →

AI, APAC, Cybersecurity, Exploits, Global Security News, Risk Management

Microsoft taps Anthropic’s Mythos to strengthen secure software development

Microsoft plans to integrate Anthropic’s Mythos AI model into its Security Development Lifecycle, a move that suggests advanced generative AI is beginning to play a direct role in how major software vendors identify vulnerabilities and harden code against attack. The company said it will use Mythos Preview, along with other advanced models, as part of…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Defender, tracked as CVE-2026-33825 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-33825 is a Microsoft Defender flaw that can be exploited…

Read more →

AI, Apps, Exploits, Global Security News

Microsoft issues out-of-band patch for critical security flaw in update to ASP.NET Core

Developers are advised to check their applications after Microsoft revealed that last week’s ASP.NET Core update inadvertently introduced a serious security flaw into the web framework’s Data Protection Library. Microsoft describes the issue as a “regression,” coding jargon for an update that breaks something that was previously working correctly. In this case, what was introduced…

Read more →

AI, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Over 1,300 SharePoint Servers Still Exposed to Actively Exploited Spoofing Flaw

More than 1,300 internet-exposed Microsoft SharePoint servers remain unpatched against a spoofing flaw previously exploited as a zero-day. “Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network,” said Microsoft in its advisory. SharePoint Servers Still Exposed  The vulnerability, tracked as CVE-2026-32201, affects SharePoint Enterprise Server 2016, SharePoint…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

CVE-2026-40372: Microsoft Patches ASP.NET Core Privilege Escalation Vulnerability

Microsoft has released an out-of-band update to fix an ASP.NET Core vulnerability that could allow attackers to take full control of affected systems.  The flaw enables unauthenticated privilege escalation, increasing risk for enterprises running .NET workloads.  “Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network,” said…

Read more →

AI, Apps, Exploits, Global Security News, Network Security, Risk Management

Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw

Microsoft fixed critical ASP.NET Core vulnerability, tracked as CVE-2026-40372 (CVSS score of 9.1), that lets attackers escalate privileges. Microsoft released out-of-band updates to address a serious ASP.NET Core vulnerability tracked as CVE-2026-40372 (CVSS score of 9.1). Microsoft fixed the flaw in ASP.NET Core version 10.0.7. An attacker could exploit the flaw to gain SYSTEM-level privileges, access…

Read more →

Global Security News

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It’s rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw. “Improper verification of…

Read more →

AI, Endpoint, Exploits, Global Security News, malware, Risk Management

Attackers abuse Microsoft Teams to impersonate the IT helpdesk in a new enterprise intrusion playbook

Attackers are increasingly exploiting enterprise collaboration platforms such as Microsoft Teams to gain initial access, impersonating IT helpdesk staff and persuading employees to grant remote control, according to new research from Microsoft. In a blog post, Microsoft described a “cross-tenant helpdesk impersonation” technique in which threat actors initiate conversations with employees via Teams’ external access…

Read more →

AI, Exploits, Global Security News

Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access

Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Microsoft Defender to gain higher privileges on compromised systems. The vulnerabilities, called BlueHammer, RedSun, and UnDefend, were revealed by a researcher known as Chaotic Eclipse after criticizing Microsoft’s handling of the…

Read more →

AI, Exploits, Global Security News

Another Microsoft Defender privilege escalation bug emerges days after patch

Days after Microsoft patched a high-severity issue affecting its Windows Defender antivirus tool through April’s Patch Tuesday, researchers warn of another vulnerability that could enable SYSTEM privileges through local escalation. In a newly disclosed proof-of-concept (PoC) exploit, dubbed “RedSun,” GitHub user going by the name “Nightmare Eclipse” demonstrated how Microsoft Defender’s handling of certain cloud-tagged…

Read more →

AI, Global Security News

Windows is getting stronger RDP file protections to fight phishing attacks

Microsoft has introduced new Windows protections starting with the April 2026 security update to reduce phishing attacks that abuse Remote Desktop (.rdp) files. With these updates, the Remote Desktop Connection app displays stronger warning dialogs before a connection is established, shows details about the remote system, and requires users to review any request to share…

Read more →

AI, Global Security News

Microsoft to cut Windows 365 price for SMBs

Microsoft will cut the price of Windows 365 subscriptions for small and mid-sized businesses by 20% next month, though analysts expect little impact on uptake of the Desktop-as-a-Service (DaaS) platform.  The price change for Windows 365 Business takes effect May 1, 2026 for new subscriptions; existing subscribers will receive updated pricing at renewal, Microsoft explained…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

U.S. CISA adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2009-0238 Microsoft Office Remote…

Read more →

Global Security News

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April’s Patch Tuesday releases. Topping the list is an SQL injection vulnerability impacting SAP Business Planning and Consolidation and SAP Business Warehouse (CVE-2026-27681, CVSS score: 9.9) that could result in the execution of arbitrary database 

Read more →

AI, Exploits, Global Security News, Network Security, Risk Management

Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day

Microsoft Patch Tuesday security updates for April 2026 fixed 165 vulnerabilities, including an actively exploited SharePoint zero-day. Microsoft Patch Tuesday security updates addressed 165 vulnerabilities, making it one of the largest updates by CVE count. One of the most interesting flaws fixed by the IT giant is a critical SharePoint zero-day, tracked as CVE-2026-32201, already…

Read more →

AI, Exploits, Global Security News, Network Security, Risk Management

Patch Tuesday, April 2026 Edition

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed “BlueHammer.” Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security

Microsoft drops its second-largest monthly batch of defects on record

Microsoft addressed 165 vulnerabilities affecting its various products and underlying systems, including one actively exploited vulnerability in Microsoft Office SharePoint, in this month’s Patch Tuesday update.  “By my count, this is the second-largest monthly release in Microsoft’s history,” Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative, wrote in a blog post…

Read more →