Rabia Noureen

The US Cybersecurity and Infrastructure Security Agency has warned about a critical remote code execution (RCE) vulnerability in Microsoft Configuration Manager (ConfigMgr/SCCM). The vulnerability has rapidly escalated into a significant national‑level concern following the release of public exploit code. Microsoft Configuration Manager is an enterprise management platform that helps organizations centrally deploy software, enforce security…

Microsoft Sentinel is getting new updates aimed at improving how security teams understand and investigate risk. The latest changes add new connectors, clearer analytics, and more integrated insights to help teams work more efficiently across their environments. Microsoft has introduced new out-of-the-box connectors to simplify the onboarding of security data across cloud, SaaS, and on-premises…

Microsoft has started testing native System Monitor (Sysmon) integration in Windows 11, bringing advanced system activity monitoring directly into the OS. The feature is currently rolling out to Windows Insiders in the Dev and Beta channels for early evaluation. What is Sysmon? Microsoft first announced its plans to introduce native Sysmon functionality into Windows 11…

Russian-hackers are exploiting a high-severity vulnerability that is affecting multiple versions of Microsoft Office. This security flaw could allow hackers to steal emails and deploy malicious payloads against organizations in Central and Eastern Europe. Specifically, CVE‑2026‑21509 is a security feature bypass vulnerability in Microsoft Office, which is triggered when victims open specially crafted RTF documents….

Microsoft has dropped support for Transport Layer Security (TLS) versions 1.0 and 1.1 for Azure Blob Storage. The company has published a guide to help organizations in migrating clients to newer, more secure encryption standards. TLS is a widely used security protocol that encrypts data in transit between clients and servers, and ensures confidentiality, integrity,…

Microsoft is preparing to retire its standalone SharePoint Online and OneDrive for Business subscriptions (Plan 1 and Plan 2). Commercial customers using these plans will be required to migrate to alternative Microsoft offerings over the coming years as part of a phased transition. What SharePoint Online and OneDrive for Business plans offer? SharePoint Online Plan…

As enterprise AI adoption accelerates, organizations are increasingly turning to platforms designed for their own regions rather than global, one-size-fits-all solutions. Gartner predicts this shift will be dramatic, with the share of businesses using region-specific AI expected to surge from a small minority today to more than a third by 2027. According to new research…

Last month, Microsoft rolled out an out-of-band update to fix a bug that prevented some Windows devices from shutting down or hibernating properly. The company has now acknowledged that this issue also affects Secure Launch-capable PCs with Virtual Secure Mode (VSM) enabled. Secure Launch and Virtual Secure Mode (VSM) are Windows security technologies designed to…

Microsoft is moving to a more secure authentication posture by disabling New Technology LAN Manager (NTLM) by default and shifting to stronger, Kerberos-based authentication. The company has published a phased roadmap to give organizations time to identify dependencies and prepare for NTLM’s disablement in future Windows client releases and the next major Windows Server version….

Microsoft has announced the general availability of centralized Remote Desktop Protocol (RDP) Shortpath configuration through Group Policy Objects (GPO) and Microsoft Intune. The update enables IT teams to centrally enforce and fine-tune RDP Shortpath behavior across Azure Virtual Desktop (AVD) session hosts and Windows 365 Cloud PCs. RDP Shortpath is a Remote Desktop feature that…

Microsoft has announced a major update to Conditional Access (CA) enforcement in Microsoft Entra ID. This upcoming change closes a long-standing loophole and ensures security measures are applied consistently across all sign-ins. Currently, Microsoft Entra ID Conditional Access policies set to apply to “All resources” may not always be enforced in certain situations. This can…

Microsoft has quietly patched multiple flaws in Windows 11’s Administrator Protection feature after Google researchers showed the original design could be bypassed. These flaws could have allowed attackers to obtain administrator privileges on affected systems without user interaction. What is Windows 11 Administrator Protection? Administrator Protection is a security feature in Windows 11 designed to…