microsoft
Florida woman imprisoned for massive Microsoft license fraud scheme
A Florida woman was sentenced to 22 months in prison for running a massive years-long scheme to traffic thousands of stolen Microsoft Certificate of Authenticity (COA) labels. 52-year-old Heidi Richards (also known as Heidi Hastings, Heidi Shaffer, and Heidi Williams), who operated an e-commerce business called Trinity Software Distribution, was also ordered to pay a […]
Microsoft testing Windows 11 batch file security improvements
Microsoft is rolling out new Windows 11 Insider Preview builds that improve security and performance during batch file or CMD script execution. As Microsoft explained today, IT administrators can now enable a more secure processing mode that prevents batch files from being modified while they run by adding the LockBatchFilesInUse registry value under HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor. Policy authors can […]
Microsoft expands Windows restore to more enterprise devices
Microsoft now allows more enterprise users to restore their personal settings and Microsoft Store apps from a previous Windows 11 device. The feature, known as the first sign-in restore experience, is part of Windows Backup for Organizations, an enterprise-grade backup tool that helps simplify backups and migrate to Windows 11 more easily. It allows users who […]
Fake Next.js job interview tests backdoor developer’s devices
A coordinated campaign targeting software developers with job-themed lures is using malicious repositories posing as legitimate Next.js projects and technical assessment materials, including recruiting coding tests. The attacker’s goal is to achieve remote code execution (RCE) on developer machines, exfiltrate sensitive data, and introduce additional payloads on compromised systems. Multiple execution triggers Next.js is a popular […]
Windows 11 KB5077241 update improves BitLocker, adds Sysmon tool
Microsoft has released the KB5077241 optional cumulative update for Windows 11, which comes with 29 changes, including improvements to BitLocker, a new network speed test tool, and native System Monitor (Sysmon) functionality. KB5077241 is a preview update delivered at the end of each month that allows admins to test Windows bug fixes, new features, and improvements before they’re […]
Microsoft adds Copilot data controls to all storage locations
Microsoft is expanding data loss prevention (DLP) controls to block the Microsoft 365 Copilot AI assistant from processing confidential Word, Excel, and PowerPoint documents, regardless of their location. Currently, Microsoft Purview DLP policies apply only to files stored in SharePoint or OneDrive, but not to those stored on local devices. This change will be deployed through […]
Microsoft says bug in classic Outlook hides the mouse pointer
Microsoft is investigating a known issue that causes the mouse pointer to disappear in the classic Outlook desktop email client for some users. This bug has been acknowledged almost two months after the first reports started surfacing online, with users saying that Outlook became unusable after the mouse pointer vanished while using the app. “My […]
Microsoft says bug causes Copilot to summarize confidential emails
Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely on to protect sensitive information. According to a service alert seen by GeekFeed, this bug (tracked under CW1226324 and first detected on January 21) affects the Copilot “work […]
Microsoft Teams outage affects users in United States, Europe
Microsoft is working to resolve an ongoing outage affecting Microsoft Teams users, causing delays and preventing some from accessing the service. According to user reports on the outage-tracking platform DownDetector, this ongoing incident is causing problems when joining meetings with the Teams desktop client, accessing the Teams app, and signing in. “Users may experience delays and failures when sending […]
New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS
Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns. ClickFix attacks typically trick users into manually executing malicious commands under the guise of fixing errors, installing updates, or enabling functionality. However, this new […]