windows server
Recently leaked Windows zero-days now exploited in attacks
Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions. Since the start of the month, a security researcher known as “Chaotic Eclipse” or “Nightmare-Eclipse” has published proof-of-concept exploit code for all three security issues in protest to how Microsoft’s Security Response Center (MSRC) handled […]
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
A researcher known as “Chaotic Eclipse” has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed “RedSun,” in the past two weeks, protesting how the company works with cybersecurity researchers. This exploit is for a local privilege escalation (LPE) flaw that grants SYSTEM privileges in Windows 10, Windows 11, and Windows Server on […]
Microsoft: April Windows Server 2025 update may fail to install
Microsoft is investigating an issue causing this month’s KB5082063 security update to fail to install on some Windows Server 2025 systems. On affected systems, users are also reporting seeing 0x800F0983 install errors when trying to deploy the April 2026 cumulative updates. “Microsoft is monitoring diagnostic data reports on update installation failures and has observed a […]
Microsoft: April updates trigger BitLocker key prompts on some servers
Microsoft confirmed on Tuesday that some Windows Server 2025 devices will boot into BitLocker recovery after installing the April 2026 KB5082063 Windows security update. BitLocker is a Windows security feature that encrypts storage drives to prevent data theft. Windows computers typically enter BitLocker recovery mode after hardware changes or events such as TPM (Trusted Platform […]
Microsoft fixes bug behind Windows Server 2025 automatic upgrades
Microsoft has finally fixed a known issue that was causing systems running Windows Server 2019 and 2022 to “unexpectedly” upgrade to Windows Server 2025. The issue was first acknowledged by Microsoft in September 2024, following widespread reports from Windows admins regarding servers that had been automatically upgraded overnight to a Windows Server version for which they didn’t even have a license. […]
Microsoft to disable NTLM by default in future Windows releases
Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks. NTLM (short for New Technology LAN Manager) is a challenge-response authentication protocol introduced in 1993 with Windows NT 3.1 and is the successor to the LAN Manager (LM) protocol. Kerberos has superseded NTLM and […]
Microsoft releases emergency OOB update to fix Outlook freezes
Microsoft has released emergency, out-of-band updates on Saturday for Windows 10, Windows 11, and Windows Server to fix an issue that prevented Microsoft Outlook classic from opening when using PSTs stored in cloud storage. Since Microsoft released the January 2026 Patch Tuesday updates, Outlook app users have been encountering freezes when opening the application if a PST […]
Microsoft shares workaround for Outlook freezes after Windows update
Microsoft shared a temporary workaround for customers experiencing Outlook freezes after installing this month’s Windows security updates. As explained one week ago, when Microsoft acknowledged the issue, the bug causes the classic Outlook desktop client to hang for users with POP email accounts who have deployed the KB5074109 security update on Windows 11 25H2 and 24H2 systems. Other […]
Microsoft updates Windows DLL that triggered security alerts
Microsoft has resolved a known issue that was causing security applications to flag a core Windows component, the company said in a service alert posted this week. The list of affected systems is quite extensive and includes both client (Windows 10 and Windows 11) and server (Windows Server 2012 through Windows Server 2025) platforms. According […]
Microsoft asks admins to reach out for Windows IIS failures fix
Microsoft has asked businesses to reach out for advice on how to temporarily mitigate a known Message Queuing (MSMQ) issue causing enterprise apps and Internet Information Services (IIS) sites to fail. MSMQ is an optional Windows service commonly used in enterprise environments that helps apps communicate over a network. The known issue mainly affects enterprise users with Windows 10 22H2, Windows […]