Hotmail email delivery fails after Microsoft misconfigures DNS
Hotmail users worldwide have problems sending emails, with messages flagged as spam or not delivered after Microsoft misconfigured the domain’s DNS SPF record.
Linux, Open Source, & anti Microsoft news
Microsoft Finally Realizes Nobody Wants Its Windows 11 Preinstalled Bloatware
Windows 11 users will soon be able to remove more of the bloatware that gets preinstalled with Microsoft’s operating system.
29 years ago, Microsoft thought of bundling Internet Explorer with Windows
Although Internet Explorer is now dead and has been succeeded by Microsoft Edge — which is based on Chromium and doesn’t really command a huge marketshare — Microsoft’s decision to…
Microsoft might be saving your Bing Chat conversations
Uh-oh — Microsoft might be storing information from your Bing chats. This is probably totally fine as long as you’ve never chatted about anything you wouldn’t want anyone else reading,…
Microsoft fails to fix major PowerShell Gallery security flaws even after claiming it did
AquaSec explains in its report that there are three major flaws in PSGallery, centered around deception and forgery. The surprising thing about the matter though is that Microsoft has apparently…
CrowdStrike: Microsoft Is Failing At Security
In the wake of recent vulnerabilities and high-profile attacks, there is growing concern regarding vulnerabilities present in Microsoft’s software and increasing intensity focused on the question of Microsoft’s culpability. Customers,…
Microsoft Exchange updates pulled after breaking non-English installs
Microsoft has pulled Microsoft Exchange Server’s August security updates from Windows Update after finding they break Exchange on non-English installs.
How an unpatched Microsoft Exchange 0-day likely caused one of the UK’s biggest hacks ever
It’s looking more and more likely that a critical zero-day vulnerability that went unfixed for more than a month in Microsoft Exchange was the cause of one of the UK’s…
Microsoft Office update breaks actively exploited RCE attack chain
Microsoft released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks.
Microsoft Visual Studio Code flaw lets extensions steal passwords
Microsoft’s Visual Studio Code (VS Code) code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows, Linux, and macOS credential managers.
Microsoft August 2023 Patch Tuesday warns of 2 zero-days, 87 flaws
Today is Microsoft’s August 2023 Patch Tuesday, with security updates for 87 flaws, including two actively exploited and twenty-three remote code execution vulnerabilities. While twenty-three RCE bugs were fixed, Microsoft…
Microsoft fixes flaw after being called irresponsible by Tenable CEO
Microsoft fixed a security flaw in the Power Platform Custom Connectors feature that let unauthenticated attackers access cross-tenant applications and Azure customers’ sensitive data after being called “grossly irresponsible” by…
Microsoft is testing a new Edge feature that captures screenshots of every site you visit
Facepalm: Microsoft developers are working on a new feature for Edge. An upcoming version of the Chromium-based browser could provide an easier way to view web history, but it could…
Microsoft attacked over ‘grossly irresponsible’ security practice
Tenable’s CEO and former national cyber security director to the George W Bush administration, Amit Yoran, has hit out at Microsoft and accused the software giant of deliberately putting its…
Hackers can abuse Microsoft Office executables to download malware
The list of LOLBAS files – legitimate binaries and scripts present in Windows that can be abused for malicious purposes, will soon include the main executables for Microsoft’s Outlook email…