-
The Cybersecurity and Infrastructure Security Agency (CISA), working alongside the National Security Agency and international cybersecurity partners, has released a comprehensive security guidance document focused on hardening Microsoft Exchange server…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a timely response to escalating threats against email infrastructure, the Cybersecurity and Infrastructure Security Agency (CISA), alongside the National Security Agency (NSA), Australian Cyber Security Centre (ACSC), and Canadian Centre for Cyber Security, released a comprehensive guide on October 2025 outlining best practices for securing on-premises Microsoft Exchange Servers. Titled “Microsoft Exchange Server Security […] The post CISA Releases Best Security Practices Guide for Hardening Microsoft Exchange Server appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has addressed a critical privilege escalation vulnerability affecting Windows environments worldwide. Attackers can exploit misconfigured Service Principal Names (SPNs) combined with Kerberos reflection attacks to gain SYSTEM-level access on …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft addressed a critical race condition vulnerability affecting its Windows Cloud Files Minifilter driver in October 2025. The flaw, assigned CVE-2025-55680, was originally discovered in March 2024 and represents a significant security concern fo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft reported a DNS-related outage on October 29, 2025, affecting access to key services, including Microsoft Azure and Microsoft 365. The issue surfaced around 9:37 PM GMT+5:30, leaving users unable to reach the Microsoft 365 admin center and experiencing widespread delays in other applications. Businesses relying on these platforms for email, collaboration tools, and cloud […] The post Microsoft DNS Outage Disrupts Azure and Microsoft 365 Services Worldwide appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Australia’s competition regulator has filed legal proceedings against Microsoft for allegedly misleading approximately 2.7 million Australian consumers regarding subscription options and pricing for Microsoft 365 plans. The Australian Competition and Consumer Commission claims that Microsoft deliberately concealed the availability of cheaper alternative plans when integrating its AI assistant Copilot into subscription offerings. The core of […] The post Microsoft Sued for Allegedly Misleading Millions to Subscribe for Microsoft 365 Subscriptions appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released a critical security update addressing a severe vulnerability in ASP.NET Core that could enable attackers to execute HTTP request smuggling attacks. On October 14, 2025, the company issued patches for CVE-2025-55315, a security fe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Active Directory domain join accounts are systematically exposing enterprise environments to compromise, even when administrators follow Microsoft’s official guidance. A comprehensive security analysis reveals that these specialized accounts inhe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has rolled out a significant security enhancement to Windows File Explorer, automatically disabling the preview pane for files downloaded from the internet as part of security updates released on and after October 14, 2025. This proactive mea…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have discovered a sophisticated method that allows attackers to steal access tokens from Microsoft Teams, potentially granting unauthorized access to sensitive corporate communications, emails, and SharePoint documents. The attack …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
