Three Windows Zero-Days
Three Windows vulnerabilities have been recently discovered – BlueHammer, RedSun, and UnDefend.
Read MoreMicrosoft
Microsoft Halts Forced Copilot Installs
Microsoft has temporarily stopped the planned automatic installation of the Copilot app on Windows devices with 365 desktop apps. Existing installs remain in place, and admins can still deploy the app manually.
Read MoreWindows 11 January Update: PCs Can’t Shut Down
A January 2026 Windows 11 update (KB5073455) is causing some Secure Launch enabled Enterprise and IoT devices to restart instead of shutting down or hibernating. A similar update causes Outlook to freeze as well.
Read MoreWindows 11 Updates Hides Password Sign In Option
Recent Windows 11 updates hide the password icon on the lock screen, but Microsoft says users can still log in by clicking the invisible button where the icon should be.
Read MoreMicrosoft Teams Flaws Allowed Message Spoofing And Executive Impersonation
Four now-patched Microsoft Teams vulnerabilities let attackers spoof executives, edit messages without the edit tag, and forge caller identities.
Read MoreMicrosoft Patches 9.9-Rated ASP.NET Core Request-Smuggling Flaw
Microsoft fixed CVE-2025-55315, a Kestrel request-smuggling bug rated 9.9 (Critical). Updates for ASP.NET Core and Visual Studio are available; admins should patch and restart affected apps.
Read MoreWindows 10 Support Ends October 14, What Can I Do?
Windows 10 support ends October 14, 2025. One extra year of security updates is available via ESU.
Read MoreWindows Update Causing SSD Failures? Microsoft Says No, But It’s Still Happening
Microsoft says it found no link between the August 2025 KB5063878 update and reported SSD/HDD failures, yet they are still happening.
Read MoreMicrosoft and CISA Warn of High-Severity Exchange Hybrid Flaw
A new flaw affecting Microsoft Exchange Server 2016, 2019, and Subscription Edition has been disclosed. Patch is available, and Microsoft urges companies to create and use the dedicated Exchange hybrid app instead.
Read MorePSA: Active exploitation of Microsoft SharePoint “ToolShell” flaws, Targeting Organizations and Allowing Remote Code Execution
New “ToolShell” exploit chain is actively being used to compromise SharePoint servers.
Read More