microsoft
New FlowerStorm Microsoft phishing service fills void left by Rockstar2FA
A new Microsoft 365 phishing-as-a-service platform called “FlowerStorm” is growing in popularity, filling the void left behind by the sudden shutdown of the Rockstar2FA cybercrime service. First documented by Trustwave in late November 2024, Rockstar2FA operated as a PhaaS platform facilitating large-scale adversary-in-the-middle (AiTM) attacks targeting Microsoft 365 credentials. The service offered advanced evasion mechanisms, a user-friendly panel, and numerous […]
Microsoft 365 users hit by random product deactivation errors
Microsoft is investigating a known issue triggering “Product Deactivated” errors for customers using Microsoft 365 Office apps. According to online user reports on Reddit and Microsoft’s own community website, affected users randomly received these “Product Deactivated” errors in Office apps, prompting confusion and disruptions. As Redmond explained in a support document published on Thursday, these problems stem from licensing changes initiated by […]
Windows 11 24H2 upgrades blocked on some PCs due to audio issues
Microsoft has added another Windows 11 24H2 upgrade block for systems with Dirac audio improvement software due to compatibility issues breaking sound output. This known issue only affects PCs with cridspapo.dll, and it causes applications to stop detecting audio devices connected to affected devices. “The incompatibility relates to the software component cridspapo.dll, which is part […]
Microsoft says Auto HDR causes game freezes on Windows 11 24H2
Microsoft is now blocking Windows 11 24H2 upgrades on systems with Auto HDR enabled due to a compatibility issue that causes game freezes. Auto HDR is a Windows feature that automatically increases the color range and brightness from SDR (Standard Dynamic Range) to HDR in games on systems with HDR-capable displays. While Redmond has confirmed that […]
HubSpot phishing targets 20,000 Microsoft Azure accounts
A phishing campaign targeting automotive, chemical, and industrial manufacturing companies in Germany and the UK is abusing HubSpot to steal Microsoft Azure account credentials. The threat actors use HubSpot Free Form Builder links and DocuSign-mimicking PDFs to redirect victims to credential-harvesting pages. According to Palo Alto Networks’ Unit 42 team of researchers, the campaign, which […]
Malicious Microsoft VSCode extensions target devs, crypto community
Malicious Visual Studio Code extensions were discovered on the VSCode marketplace that download heavily obfuscated PowerShell payloads to target developers and cryptocurrency projects in supply chain attacks. In a report by Reversing Labs, researchers say the malicious extensions first appeared in the VSCode marketplace in October. “Throughout October 2024, the RL research team saw a […]
Windows 10 KB5048652 update fixes new motherboard activation bug
Microsoft has released the KB5048652 cumulative update for Windows 10 22H2, which contains six fixes, including a fix that prevented Windows 10 from activating when you change a device’s motherboard. The Windows 10 KB5048652 update is mandatory as it contains Microsoft’s December 2024 Patch Tuesday security updates. Windows users can install this update by going into Settings, clicking on Windows […]
Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws
Today is Microsoft’s December 2024 Patch Tuesday, which includes security updates for 71 flaws, including one actively exploited zero-day vulnerability. This Patch Tuesday fixed sixteen critical vulnerabilities, all of which are remote code execution flaws. The number of bugs in each vulnerability category is listed below: This count does not include two Edge flaws that were […]
Windows 11 KB5048667 & KB5048685 cumulative updates released
Microsoft has released the Windows 11 KB5048667 and KB5048685 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. Both KB5048667 and KB5048685 are mandatory cumulative updates as they contain the December 2024 Patch Tuesday security updates for vulnerabilities discovered in previous months. Windows 11 users can install today’s update by going to Start > Settings > Windows Update and clicking on ‘Check for Updates.’ You can […]
Microsoft 365 outage takes down Office web apps, admin center
Microsoft is investigating a widespread and ongoing Microsoft 365 outage impacting Office web apps and the Microsoft 365 admin center. Since this incident started hours ago, Downdetector has received user reports complaining about problems connecting to Outlook, OneDrive, and other Office 365 apps and services. Affected customers see “We’re experiencing a service outage. All of your open […]