microsoft
Microsoft pays record $17 million in bounties over the last 12 months
Microsoft paid a record $17 million this year to 344 security researchers across 59 countries through its bug bounty program. Between July 2024 and June 2025, the researchers submitted a total of 1,469 eligible vulnerability reports, with the highest individual bounty reaching $200,000. These reports helped resolve more than 1,000 potential security vulnerabilities across various […]
Microsoft increases Zero Day Quest prize pool to $5 million
Microsoft will offer up to $5 million in bounty awards at this year’s Zero Day Quest hacking contest, which the company describes as the “largest hacking event in history.” Last year’s Zero Day Quest has also generated significant participation from the security community, following Microsoft’s offer of $4 million in rewards for vulnerabilities in cloud and AI products […]
Microsoft: Outdated Office apps lose access to voice features in January
Microsoft announced that the transcription, dictation, and read aloud features will stop working in older versions of Office 365 applications in late January 2026. Read aloud lets users hear documents and emails read back, transcription converts speech into text in real-time, and the dictation feature allows for voice-to-text input across Office applications. The company advised customers to update their Microsoft […]
Microsoft to disable Excel workbook links to blocked file types
Microsoft has announced that it will start disabling external workbook links to blocked file types by default between October 2025 and July 2026. After the rollout, Excel workbooks referencing blocked file types will display a #BLOCKED error or fail to refresh, eliminating security risks associated with accessing unsupported or high-risk file types, including, but not […]
Microsoft now pays up to $40,000 for some .NET vulnerabilities
Microsoft has expanded its .NET bug bounty program and increased rewards to $40,000 for some .NET and ASP.NET Core vulnerabilities. Madeline Eckert, a senior program manager for Researcher Incentives and Bounty at Microsoft, stated that these changes aim to more accurately reflect the complexity involved in discovering and exploiting .NET vulnerabilities. “We’re excited to announce […]
Microsoft Edge now an ‘AI-powered browser’ with Copilot Mode
Microsoft has introduced Copilot Mode, an experimental feature designed to transform Microsoft Edge into a web browser powered by artificial intelligence (AI). As the company explained on Monday, this new mode transforms Edge’s interface, with new tabs showing a single input box that combines chat, search, and web navigation functions. Once Copilot Mode is enabled, the AI […]
Microsoft will stop supporting Windows 11 22H2 in October
Microsoft has reminded customers today that the last supported editions of Windows 11 22H2 will reach their end of servicing on October 14. This announcement applies to Windows 11 22H2 Enterprise, Education, and IoT Enterprise editions, released on September 20, 2022, and follows the end of service for the Home and Pro editions, which occurred last October. “The October 2025 […]
Microsoft investigates outage affecting Microsoft 365 admin center
Microsoft is investigating an ongoing outage blocking Microsoft 365 administrators with business or enterprise subscriptions from accessing the admin center. While the company has yet to disclose which regions are currently affected by this ongoing service degradation issue, it’s currently tracking it on its official service health status page to provide impacted organizations with access […]
Microsoft lifts Windows 11 update block for Easy Anti-Cheat users
Microsoft has removed a compatibility hold that prevented some Easy Anti-Cheat users from installing the Windows 11 2024 Update because of a known issue that triggers restarts with blue screen of death (BSOD) errors. When it acknowledged the bug last month, the company confirmed the issue impacted devices running Easy Anti-Cheat, a popular anti-cheating service installed with hundreds […]
Microsoft: SharePoint servers also targeted in ransomware attacks
A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain. Non-profit security organization Shadowserver is currently tracking over 420 SharePoint servers that are exposed online and remain vulnerable to these ongoing attacks. “Although Microsoft has observed this threat actor deploying Warlock and Lockbit ransomware in the past, Microsoft […]