Microsoft Archives

Microsoft: Hackers abuse OAuth error flows to spread malware

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. The attacks target government and public-sector organizations with phishing links that prompt users to authenticate to a malicious application, Microsoft Defender researchers say. with e-signature requests, Social Security notices, meeting invitations, password resets, […]

02 Mar

Florida woman imprisoned for massive Microsoft license fraud scheme

A Florida woman was sentenced to 22 months in prison for running a massive years-long scheme to traffic thousands of stolen Microsoft Certificate of Authenticity (COA) labels. 52-year-old Heidi Richards (also known as Heidi Hastings, Heidi Shaffer, and Heidi Williams), who operated an e-commerce business called Trinity Software Distribution, was also ordered to pay a […]

27 Feb

Microsoft testing Windows 11 batch file security improvements

Microsoft is rolling out new Windows 11 Insider Preview builds that improve security and performance during batch file or CMD script execution. As Microsoft explained today, IT administrators can now enable a more secure processing mode that prevents batch files from being modified while they run by adding the LockBatchFilesInUse registry value under HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor. […]

24 Feb

Microsoft adds Copilot data controls to all storage locations

Microsoft is expanding data loss prevention (DLP) controls to block the Microsoft 365 Copilot AI assistant from processing confidential Word, Excel, and PowerPoint documents, regardless of their location. Currently, Microsoft Purview DLP policies apply only to files stored in SharePoint or OneDrive, but not to those stored on local devices. This change will be deployed through […]

23 Feb

Microsoft says bug in classic Outlook hides the mouse pointer

Microsoft is investigating a known issue that causes the mouse pointer to disappear in the classic Outlook desktop email client for some users. This bug has been acknowledged almost two months after the first reports started surfacing online, with users saying that Outlook became unusable after the mouse pointer vanished while using the app. “My […]

18 Feb

Microsoft: Anti-phishing rules mistakenly blocked emails, Teams messages

Microsoft says an Exchange Online issue that mistakenly quarantined legitimate emails last week was triggered by faulty heuristic detection rules designed to block credential phishing campaigns. As Microsoft explains in a preliminary post-incident report published this week, a software error in its email security system incorrectly flagged thousands of legitimate URLs as phishing links for nearly […]

18 Feb

Microsoft says bug causes Copilot to summarize confidential emails

Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely on to protect sensitive information. According to a service alert seen by BleepingComputer, this bug (tracked under CW1226324 and first detected on January 21) affects the Copilot […]

17 Feb

Microsoft Teams outage affects users in United States, Europe

Microsoft is working to resolve an ongoing outage affecting Microsoft Teams users, causing delays and preventing some from accessing the service. According to user reports on the outage-tracking platform DownDetector, this ongoing incident is causing problems when joining meetings with the Teams desktop client, accessing the Teams app, and signing in. “Users may experience delays and […]

13 Feb

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered U.S. government agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks. Microsoft Configuration Manager (also known as ConfigMgr and formerly System Center Configuration Manager, or SCCM) is an IT administration tool for managing large groups of Windows servers and […]