NTLM Bites Back and Copilot Vision Is Watching You

This Week in IT, a legacy authentication protocol is still causing woes for many organizations this week as hackers continue to exploit it, Copilot Vision is coming to Edge users in the US for free, and Windows 11 gets offered to some corporate users despite Intune policies to block it.

Links and resources

• Copilot on Windows: Vision and file search begin rolling out to Windows Insiders | Windows Insider Blog
• Hackers Exploit Critical Windows NTLM Spoofing Vulnerability
• Windows 11 Upgrade Prompts Triggered by Intune Bug

Episode overview

This week in IT highlights several significant developments. A legacy authentication protocol in Active Directory continues to be exploited by hackers, raising concerns for organizations. Microsoft has introduced Co-Pilot Vision, now available for free to Edge users in the U.S., while Windows 11 is being pushed to some corporate users despite Intune policies blocking it.

• Future of Copilot Features: The Copilot app is expected to roll out more features, enhancing the search capabilities in Windows.
• Legacy Authentication Vulnerability: A critical vulnerability in the NTLM authentication protocol is being exploited, prompting Microsoft to advise organizations to audit their Active Directory environments.
• Copilot Vision Launch: Microsoft has made Copilot Vision available for free to Microsoft Edge users in the U.S., allowing users to share specific windows on their screens for assistance. 
• Windows 11 Upgrade Notifications: Some users received unexpected prompts to upgrade to Windows 11, despite organizations using Intune to block these notifications. Microsoft acknowledged the issue and is working on a fix.