The U.S. is the top target for cyberattacks, with criminals and foreign adversaries targeting companies, governments and organizations.

The post Microsoft: Russia, China Increasingly Using AI to Escalate Cyberattacks on the US appeared first on SecurityWeek.

CVE-2025-55315 is an HTTP request smuggling bug leading to information leaks, file content tampering, and server crashes.

The post ‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability appeared first on SecurityWeek.

Microsoft has removed two more compatibility holds preventing customers from installing Windows 11 24H2 via Windows Update. [...]

Earlier this week, Microsoft patched a vulnerability that was flagged with the "highest ever" severity rating received by an ASP.NET Core security flaw. [...]

Microsoft has fixed a known issue breaking HTTP/2 localhost (127.0.0.1) connections and IIS websites after installing recent Windows security updates. [...]

The tech giant attributed the attacks to Vanilla Tempest, also known as Vice Spider and Vice Society.

The post Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign appeared first on SecurityWeek.

Microsoft's October Windows 11 updates have broken the "localhost" functionality, making applications that connect back to 127.0.0.1 over HTTP/2 no longer function properly. [...]

Microsoft has disrupted a wave of Rhysida ransomware attacks in early October by revoking over 200 certificates used to sign malicious Teams installers. [...]

​​​​​Microsoft reminded customers this week that Office 2016 and Office 2019 have reached the end of extended support on October 14, 2025. [...]

Microsoft announced today a new Windows 11 Copilot feature called Copilot Actions that enables AI agents to perform real tasks on local files and applications. [...]

The tech giant has rolled out fixes for 173 CVEs, including five critical-severity security defects.

The post Microsoft Patches 173 Vulnerabilities, Including Exploited Windows Flaws appeared first on SecurityWeek.

SecurityWeek talks to Microsoft Deputy CISOs Ann Johnson and Mark Russinovich.

The post CISO Conversations: Are Microsoft’s Deputy CISOs a Signpost to the Future? appeared first on SecurityWeek.

It’s not just Copilot that’s becoming oppressive. Is the message above helpful, or coercive? Apparently, everyday, ordinary, plain advertising just doesn’t work any longer.

In what marks the end of an era, Microsoft has released the Windows 10 KB5066791 cumulative update, the final free update for the operating system as it reaches the end of its support lifecycle. [...]

Microsoft has reminded that Exchange Server 2016 and 2019 reached the end of support and advised IT administrators to upgrade servers to Exchange Server SE or migrate to Exchange Online. [...]

Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities. Get patching! [...]

Microsoft has released Windows 11 KB5066835 and KB5066793 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities and issues. [...]

Microsoft has reminded customers today that Windows 10 has reached the end of support and will no longer receive patches for newly discovered security vulnerabilities. [...]

Microsoft addressed 175 vulnerabilities affecting its core products and underlying systems, including two actively exploited zero-days, the company said in its latest security update. It’s the largest assortment of defects disclosed by the tech giant this year.

The zero-day vulnerabilities — CVE-2025-24990 affecting Agere Windows Modem Driver and CVE-2025-59230 affecting Windows Remote Access Connection Manager — both have a CVSS rating of 7.8. The Cybersecurity and Infrastructure Security Agency added both zero-days to its known exploited vulnerabilities catalog Tuesday.

Microsoft said the third-party Agere Modem drive that ships with supported Windows operating systems has been removed in the October security update. Fax modem hardware that relies on the driver will no longer work on Windows, the company said.

Attackers can achieve administrator privileges by exploiting CVE-2025-24990. “All supported versions of Windows can be affected by a successful exploitation of this vulnerability, even if the modem is not actively being used,” Microsoft said in its summary of the defect.

The improper access control vulnerability affecting Windows Remote Access Connection manager can be exploited by an authorized attacker to elevate privileges locally and gain system privileges, Microsoft said. 

Windows Remote Access Connection Manager, a service used to manage remote network connections through virtual private networks and dial-up networks, is a “frequent flyer on Patch Tuesday, appearing more than 20 times since January 2022,” Satnam Narang, senior staff research engineer at Tenable, said in an email. “This is the first time we’ve seen it exploited in the wild as a zero day.”

The most severe vulnerabilities disclosed this month include CVE-2025-55315 affecting ASP.NET core and CVE-2025-49708 affecting Microsoft Graphics Component. Microsoft said exploitation of the defects is less likely, but both have a CVSS rating of 9.9.

Microsoft flagged 14 defects as more likely to be exploited this month, including a pair of critical vulnerabilities with CVSS ratings of 9.8 — CVE-2025-59246 affecting Azure Entra ID and CVE-2025-59287 affecting Windows Server Update Service.

The vendor disclosed five critical and 121 high-severity vulnerabilities this month. The full list of vulnerabilities addressed this month is available in Microsoft’s Security Response Center.

The post Microsoft’s Patch Tuesday fixes 175 vulnerabilities, including two actively exploited zero-days appeared first on CyberScoop.

I uploaded a photo on my phone to Microsoft's "OneDrive" file-hosting app — and there was a surprise waiting under Privacy and Permissions. "OneDrive uses AI to recognize faces in your photos..." And... "You can only turn off this setting 3 times a year." If I moved the slidebar for that setting to the left (for "No"), it moved back to the right, and said "Something went wrong while updating this setting." (Apparently it's not one of those three times of the year.) The feature is already rolling out to a limited number of users in a preview, a Microsoft publicist confirmed to Slashdot. (For the record, I don't remember signing up for this face-recognizing "preview".) But there's a link at the bottom of the screen for a "Microsoft Privacy Statement" that leads to a Microsoft support page, which says instead that "This feature is coming soon and is yet to be released." And in the next sentence it's been saying "Stay tuned for more updates" for almost two years... A Microsoft publicist agreed to answer Slashdot's questions...

Read more of this story at Slashdot.