windows
Microsoft to disable NTLM by default in future Windows releases
Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks. NTLM (short for New Technology LAN Manager) is a challenge-response authentication protocol introduced in 1993 with Windows NT 3.1 and is the successor to the LAN Manager (LM) protocol. Kerberos has superseded NTLM and […]
Windows 11 KB5074105 update fixes boot, sign-in, and activation issues
Microsoft has released the KB5074105 preview cumulative update for Windows 11 systems, which includes 32 changes, including fixes for sign-in, boot, and activation issues. KB5074105 is an optional update that delivers updates at the end of each month, allowing admins to test Windows bug fixes, new features, and improvements that will be generally available during next month’s Patch […]
Microsoft shares workaround for Outlook freezes after Windows update
Microsoft shared a temporary workaround for customers experiencing Outlook freezes after installing this month’s Windows security updates. As explained one week ago, when Microsoft acknowledged the issue, the bug causes the classic Outlook desktop client to hang for users with POP email accounts who have deployed the KB5074109 security update on Windows 11 25H2 and 24H2 systems. Other […]
Microsoft releases OOB Windows updates to fix shutdown, Cloud PC bugs
Microsoft has released multiple emergency, out-of-band updates for Windows 10, Windows 11, and Windows Server to fix two issues caused by the January Patch Tuesday updates. The first issue impacts Windows 11, Windows 10, and Windows Server and blocks access to Microsoft 365 Cloud PC sessions. After installing the January 2026 security updates, some users […]
Microsoft: Windows 11 update causes Outlook freezes for POP users
Microsoft is investigating widespread reports that a January Windows 11 security update is causing the classic Outlook desktop client to freeze and hang for users with POP email accounts. POP (Post Office Protocol) is an email retrieval protocol used for downloading emails from a server to a local device. While POP isn’t as widely used […]
Microsoft: Some Windows PCs fail to shut down after January update
Microsoft has confirmed a new issue that prevents Windows 11 23H2 devices with System Guard Secure Launch enabled from shutting down. System Guard Secure Launch is a Windows security feature designed to protect the boot process from firmware-level attacks and malware such as rootkits. According to a release health dashboard update on Thursday, this known […]
Reprompt attack let hackers hijack Microsoft Copilot sessions
Researchers identified an attack method dubbed “Reprompt” that could allow attackers to infiltrate a user’s Microsoft Copilot session and issue commands to exfiltrate sensitive data. By hiding a malicious prompt inside a legitimate URL and bypassing Copilot’s protections, a hacker could maintain access to a victim’s LLM session after the user clicks on a single […]
Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws
Today is Microsoft’s January 2026 Patch Tuesday with security updates for 114 flaws, including one actively exploited and two publicly disclosed zero-day vulnerabilities. This Patch Tuesday also addresses eight “Critical” vulnerabilities, 6 of which are remote code execution flaws and 2 are elevation-of-privilege flaws. The number of bugs in each vulnerability category is listed below: When […]
New Windows updates replace expiring Secure Boot certificates
Microsoft has started automatically replacing expiring Secure Boot certificates on eligible Windows 11 24H2 and 25H2 systems. Secure Boot is a security feature that blocks malicious software (like rootkit malware) from executing during the system startup sequence by ensuring that only trusted bootloaders can load on computers with UEFI firmware. This is done by checking the software’s digital signature […]
Fake MAS Windows activation domain used to spread PowerShell malware
A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the ‘Cosmali Loader’. GeekFeed has found that multiple MAS users began reporting on Reddit [1, 2] yesterday that they received pop-up warnings on their systems about a Cosmali Loader infection. You have been infected by a malware […]