microsoft
Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
Today is Microsoft’s April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities. This Patch Tuesday also addresses eight “Critical” vulnerabilities, 7 of which are remote code execution flaws and the other is a denial of service flaw. The number of bugs in each vulnerability category is listed below: When GeekFeed reports on […]
Microsoft releases Windows 10 KB5082200 extended security update
Microsoft has released the Windows 10 KB5082200 extended security update to fix the April 2026 Patch Tuesday vulnerabilities, including 2 zero-days. This update brings some interesting changes, including new Remote Desktop Protocol file phishing protections and new Windows Security indicators that provide the status of the rollout of new Secure Boot certificates. If you are running […]
Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
Microsoft has rolled out a fast-track process to help developers regain access to accounts recently suspended from its Windows Hardware Program, following widespread complaints that they were locked out without warning. Last week, the company suspended Windows Hardware Developer accounts used to publish Windows drivers and updates for widely used tools like WireGuard, VeraCrypt, MemTest86, and Windscribe. The suspensions […]
Microsoft suspends dev accounts for high-profile open source projects
Microsoft has suspended developer accounts used to maintain multiple high-profile open-source projects without proper notification and no way to quickly reinstate them, effectively blocking them from publishing new software builds and security patches for Windows users. The list of affected projects includes, but is not limited to, Virtual Private Network (VPN) software WireGuard, on-the-fly encryption […]
Microsoft removes Support and Recovery Assistant from Windows
Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support versions of Windows updates starting March 10. SaRA is a free scriptable tool that helps troubleshoot and resolve common issues with Office, Microsoft 365, Outlook, and Windows by running a series of automated diagnostic tests on Windows 7, Windows […]
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks. This cybercrime gang quickly shifts to targeting new security vulnerabilities to gain access to its victims’ networks, weaponizing some of them within a day and, in some cases, exploiting […]
LinkedIn secretly scans for 6,000+ Chrome extensions, collects data
A new report dubbed “BrowserGate” warns that Microsoft’s LinkedIn is using hidden JavaScript scripts on its website to scan visitors’ browsers for installed extensions and collect device data. According to a report by Fairlinked e.V., which claims to be an association of commercial LinkedIn users, Microsoft’s platform injects JavaScript into user sessions that checks for thousands of […]
Microsoft still working to fix Exchange Online mailbox access issues
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks. When it first acknowledged this service issue (tracked under EX1256020) last week, Microsoft said the root cause was a newly introduced virtual account. While the company flagged it as resolved on April 1, […]
Microsoft now force upgrades unmanaged Windows 11 24H2 PCs
Starting this week, Microsoft has begun force-upgrading unmanaged devices running Windows 11 24H2 Home and Pro editions to Windows 11 25H2. According to the company’s Lifecycle Policy site, Windows 11 24H2 will reach end of support in roughly six months, on October 13, 2026. Also known as the Windows 11 2025 Update, Windows 11 25H2 began rolling […]
New EvilTokens service fuels Microsoft device code phishing attacks
A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft accounts and provide advanced features for business email compromise attacks. The kit is sold to cybercriminals over Telegram and is under continuous development, its author stating that they plan to extend support for Gmail and Okta phishing pages. Device […]