microsoft
HP pulls update that broke Microsoft Entra ID auth on some AI PCs
HP has pulled an HP OneAgent software update for Windows 11 that mistakenly deleted Microsoft certificates required for some organizations to log in to Microsoft Entra ID, disconnecting them from their company’s cloud environments. The bug was discovered by Patch My PC’s Rudy Ooms, who traced it to a silent, background update deployed by HP to its AI PC devices. […]
Meet the new Clippy: Microsoft unveils Copilot’s “Mico” avatar
Today, Microsoft introduced Mico, a new and more personal avatar for the AI-powered Copilot digital assistant, which the company describes as human-centered. This new avatar is designed to be more supportive and empathetic, but will also push back when presented with incorrect information, “always respectfully.” According to Microsoft, Mico also listens, learns, and “earns your […]
Microsoft disables File Explorer preview for downloads to block attacks
Microsoft says that the File Explorer (formerly Windows Explorer) now automatically blocks previews for files downloaded from the Internet to block credential theft attacks via malicious documents. The change is already live for users who have installed this month’s Patch Tuesday security updates on Windows 11 and Windows Server systems. As Redmond explains in a support […]
Microsoft: Recent Windows updates cause login issues on some PCs
Microsoft has confirmed that Windows updates released since August 29, 2025, are breaking authentication on systems sharing Security Identifiers. Windows uses unique alphanumeric strings known as Security Identifiers (SIDs) to track and manage user accounts, groups, and computer accounts. SIDs are also used internally by the operating system for access control, permissions management, and security auditing, […]
Microsoft: Hackers target universities in “payroll pirate” attacks
A cybercrime gang tracked as Storm-2657 has been targeting university employees in the United States to hijack salary payments in “pirate payroll” attacks since March 2025. Microsoft Threat Intelligence analysts who spotted this campaign found that the threat actors are targeting Workday accounts; however, other third-party human resources (HR) software-as-a-service (SaaS) platforms could also be […]
Microsoft: Windows Backup now available for enterprise users
Microsoft announced this week the general availability of Windows Backup for Organizations, a new enterprise-grade backup tool that helps simplify backups and makes the transition to Windows 11 easier. First announced at the Microsoft Ignite conference in November 2024, this opt-in feature is turned off by default and has been available in public preview since May 2025. […]
Azure outage blocks access to Microsoft 365 services, admin portals
Microsoft is working to resolve an outage affecting its Azure Front Door content delivery network (CDN), which is preventing customers from accessing some Microsoft 365 services. According to Redmond, the incident began around 07:40 UTC, with delays and timeouts across Europe, Africa, and the Middle East when connecting to the Azure and Entra portals. Since […]
Microsoft enables Exchange Online auto-archiving by default
Microsoft is enabling threshold-based auto-archiving by default in Exchange Online to prevent email flow issues caused by mailboxes filling up faster than expected. While users can also configure messaging records management (MRM) time-based archive policies that provide automatic archival every two years, for example, these policies aren’t effective when dealing with high volumes of incoming emails […]
Microsoft kills more Microsoft Account bypasses in Windows 11
Microsoft is removing more methods that help users create local Windows accounts and bypass the Microsoft account requirement when installing Windows 11. The change was introduced in the Windows 11 Insider Preview Build 26220.6772 (KB5065797) for Insiders in the Dev Channel, indicating that it will likely be included in future production builds. The company claimed […]
Microsoft: Critical GoAnywhere bug exploited in ransomware attacks
A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware attacks for nearly a month. Tracked as CVE-2025-10035, this security flaw impacts Fortra’s web-based secure transfer GoAnywhere MFT tool, caused by a deserialization of untrusted data weakness in the License Servlet. This vulnerability can be exploited remotely in low-complexity […]