Rabia Noureen

Microsoft has quietly patched multiple flaws in Windows 11’s Administrator Protection feature after Google researchers showed the original design could be bypassed. These flaws could have allowed attackers to obtain administrator privileges on affected systems without user interaction. What is Windows 11 Administrator Protection? Administrator Protection is a security feature in Windows 11 designed to…

Microsoft has rolled out Message Trace support via the Microsoft Graph API in public preview for commercial customers. The update delivers a modern, RESTful interface that lets administrators trace email messages end-to-end across Exchange Online with greater consistency and control. In Exchange Online, the Message Trace feature provides administrators with a way to follow the…

Microsoft has released emergency out-of-band Office security updates to patch a critical Microsoft Office vulnerability that is already under active exploitation. This flaw (tracked as CVE-2026-21509) is being used by attackers in real-world attacks to bypass built-in security protections. The zero-day bug (CVE-2026-21509) is a high‑severity security feature‑bypass flaw in Microsoft Office that originates from…

Microsoft is rolling out an important security change to protect Windows environments from a newly exposed Kerberos vulnerability that could let attackers exploit weak RC4 encryption. The company has urged organizations to act quickly as domain controllers move toward stronger AES‑based encryption to prevent potential authentication risks. The security flaw (CVE‑2026‑20833) is a Kerberos information‑disclosure…

Microsoft has made its Purview Data Security Investigations solution generally available for commercial customers. The new tool is built to expose hidden data risks and reduce investigation timelines from weeks to just hours. According to Microsoft, traditional data investigations often require manual, file‑by‑file reviews, which are no longer practical due to the scale of data…

Microsoft has introduced new Unified Tenant Configuration Management (UTCM) APIs in public preview through Microsoft Graph. These APIs enable organizations to consistently control, manage, and monitor configuration settings across one or multiple Microsoft 365 workloads. Why is configuration drift a growing problem in Microsoft 365 tenants? The new UTCM APIs address the problem of configuration…

Microsoft has released new out-of-band updates to fix a Windows 11 bug that caused applications to freeze when saving files to cloud storage services. The issue was introduced by the January 13 security update and has affected users relying on OneDrive, Dropbox, and similar platforms. Last week, Microsoft acknowledged that this bug caused the classic…

A new study reveals that UK mid-market organisations are increasingly reducing their reliance on external cybersecurity vendors and shifting responsibility to in-house teams. This move is driven by mounting cost pressures and declining trust in providers, and it raises concerns about whether these organisations can sustain long-term cyber resilience. IT services provider Advania conducted a…

Microsoft is investigating a newly discovered issue that causes certain apps to freeze when saving files to cloud storage services such as OneDrive and Dropbox. The problem appears to impact users who installed the January 2026 security update on Windows 11 PCs. “For example, in some configurations of Outlook that store PST files on OneDrive,…

Microsoft has introduced new trust-focused enhancements in the Teams Admin Center (TAC) to help IT admins more easily evaluate, approve, and manage applications used within Microsoft Teams. These updates are designed to strengthen governance, streamline compliance checks, and highlight trusted solutions. Improved trust visibility for apps First off, Microsoft has a new “Apps to Consider…

Microsoft is beefing up its enterprise defenses this week with a major security and compliance update for Microsoft 365 Apps for Enterprise version 2512. This new baseline strengthens Excel, PowerPoint, and core system settings to help enterprises stay protected against evolving cyber threats. Specifically, the latest baseline updates several Microsoft 365 Apps components, especially Excel,…

Cybersecurity researchers have disclosed critical vulnerabilities in widely used MCP servers that exposed how AI-powered tools can quickly turn into high-risk attack surfaces. The flaws could be exploited to enable cloud account takeovers, arbitrary file access, and even full remote code execution. A Model Context Protocol (MCP) server is a system that connects AI assistants…