100 links
tagged with microsoft
Click any tag below to further narrow down your results
Links
Microsoft celebrates its 50th anniversary with a vibrant marketing campaign that reflects on its evolution from Clippy to Copilot. The campaign showcases the company's innovative spirit and commitment to enhancing user experiences through technology. It features various creative elements that highlight Microsoft’s journey and future aspirations.
Microsoft is addressing a known issue in Outlook that prevents users from opening encrypted emails sent from other organizations, displaying an error message related to Information Rights Management. A temporary workaround involves enabling cross-tenant access to trust MFA claims, allowing encrypted emails to be opened without errors, though both sending and receiving organizations must implement this fix. Microsoft is actively investigating the cause of the issue and promises further updates.
Tencent has hired the WizardLM team, a group originally formed within Microsoft, known for its unconventional history in AI development. This move highlights Tencent's commitment to enhancing its AI capabilities and reflects ongoing competition in the tech industry for top talent in artificial intelligence.
Bill Gates has shared the original Microsoft source code on his Gates Notes blog to celebrate the company's 50th anniversary, recalling how he and Paul Allen created the software for the Altair 8800. Gates described the experience as one of the coolest moments of his programming career. Additionally, Melinda French Gates is making headlines with her upcoming book that discusses her marriage and divorce from Bill Gates.
Microsoft's AI tool has identified critical vulnerabilities in the GRUB2 U-Boot bootloader, which could potentially expose systems to security risks. The tool enhances the ability to detect such flaws, thereby improving the overall security posture of systems utilizing this bootloader.
Microsoft is discontinuing the password storage and autofill feature in its Authenticator app by August 2025, urging users to transition to Microsoft Edge for password management. Users must export their data before the deadlines to avoid losing access, while Passkey support will remain in the Authenticator app.
Microsoft has resolved a bug affecting the Start Menu jump lists for apps on Windows 10, version 22H2, which prevented users from accessing recently opened files. The issue was linked to a Controlled Feature Rollout that began in March 2025, but has since been paused to mitigate further impact. Affected users are encouraged to connect to the internet and restart their devices to apply the automatic fix.
The article discusses Microsoft's recent strategic shift towards a more aggressive approach in the tech industry, emphasizing its push into AI and cloud services. This "big stick" era reflects a commitment to leveraging its resources and influence to dominate the market and outpace competitors. The implications of this strategy for both consumers and the industry at large are explored.
Effective cloud incident response requires proper infrastructure setup across major platforms like Microsoft Azure, AWS, and Google Cloud. Key recommendations include centralized log management, configuring alerts, and leveraging specific services for incident containment and eradication. The article emphasizes the importance of preparing these systems to streamline incident analysis and response efforts.
Microsoft Authenticator is notifying users to export their passwords before the autofill feature is deprecated in July 2025, advising a switch to Microsoft Edge for continued password management. Users can export their saved passwords to a CSV file if they prefer not to use Edge. A timeline details the phases of deprecation, culminating in the removal of saved passwords by August 2025.
Microsoft's Copilot has been enhanced to browse the web and perform tasks autonomously, expanding its functionality beyond traditional document assistance. This upgrade aims to streamline user workflows by allowing Copilot to gather information and execute actions without direct user input. The changes are part of Microsoft's ongoing efforts to integrate AI more deeply into its software ecosystem.
Microsoft CEO Satya Nadella discusses the company's recent advancements in AI, particularly in integrating ChatGPT capabilities into various products, including Notepad. The focus is on enhancing user experience through AI-powered features and strategic investments in artificial intelligence technologies.
Microsoft has introduced new AI agents for Windows Copilot+ PCs that allow users to modify their device settings using natural language commands, automating the process with user permission. These features, aimed at simplifying user interactions with Windows, will initially roll out to English-speaking Windows Insiders on Snapdragon devices before expanding to other hardware. Additional updates include enhancements to Windows search, image editing tools in Photos and Paint, and new functions in Notepad.
Microsoft’s NLWeb project aims to revolutionize website interaction by transforming standard web pages into conversational interfaces powered by natural language processing. By allowing users to engage directly with content on sites, NLWeb enhances information searchability and user experience, with notable early adopters including Shopify and Tripadvisor. The initiative is designed to be technology agnostic, ensuring accessibility across various platforms without the need for additional applications.
Microsoft has announced the retirement of its Bing Search APIs, effective August 11, 2025, leaving many developers surprised and concerned about the abrupt timeline. With no direct replacement available, Microsoft suggests using real-time public web data, while alternatives like Brave Search APIs are being recommended for developers seeking cost-effective solutions.
Nvidia, Microsoft, BlackRock, and Elon Musk's xAI are part of a consortium that will acquire Aligned Data Centers for $40 billion, marking the largest global data center deal to date. The partnership aims to enhance AI infrastructure investment, with Aligned currently operating 50 campuses and over 5 gigawatts of capacity. The deal is anticipated to close late next year, pending regulatory approvals.
Microsoft has temporarily paused the integration of Copilot in SQL Server Management Studio (SSMS) 22, opting instead to shift to GitHub Copilot based on user feedback indicating a preference for this functionality. The initial version of SSMS 22 will not include any Copilot features while the SQL Server team works on achieving full integration in future releases.
Microsoft is experimenting with new AI features for its Notepad and Paint applications, aiming to enhance user experience and productivity. These updates are part of a broader initiative to integrate AI capabilities into various Microsoft software products, responding to the growing demand for intelligent tools in everyday tasks.
Hackers have been exploiting the TeamFiltration framework to launch password spraying attacks against over 80,000 Microsoft Entra ID accounts across hundreds of organizations since December 2024. The threat actor, known as UNK_SneakyStrike, has successfully compromised multiple accounts, particularly peaking on January 8 with 16,500 accounts targeted in one day. Organizations are advised to implement detection measures and enable multi-factor authentication to mitigate these attacks.
Microsoft has acknowledged a bug that causes a false alarm in the Windows Event Viewer after installing recent updates, specifically displaying an error related to the CertificateServicesClient. Users are advised to ignore the error message, which pertains to a component still under development, and Microsoft is working on a resolution. The issue affects Windows 11 24H2 and logs errors upon device restarts without impacting overall system processes.
Microsoft’s Azure Quantum group has outlined a plan to implement error correction in quantum computing, targeting a reduction of error rates from 1 in 1,000 to 1 in 1 million. Unlike IBM, which integrates both hardware and software for error correction, Microsoft provides access to various quantum hardware from different companies, allowing for flexible error correction schemes. The effectiveness of their proposed system has yet to be demonstrated with actual hardware.
Microsoft awarded $17 million to 344 security researchers in the past year through its bug bounty programs, marking the highest annual payout since the programs began in 2018. The total amount distributed across all years now reaches $92.5 million, with ongoing updates to enhance program coverage and align with emerging security challenges.
Microsoft has announced that Exchange Server 2016 and 2019 will reach the end of support on October 14, 2025, ceasing technical support, security fixes, and time zone updates. Administrators are urged to upgrade to Exchange Online or Exchange Server Subscription Edition to maintain security and support. Detailed migration guidance is available for those looking to transition from outdated versions.
The article discusses the unveiling of Microsoft's Copilot feature, which is designed to enhance productivity by integrating AI capabilities into various Microsoft applications. Mustafa Suleyman, co-founder of DeepMind, provides insights into the implications of AI in the workplace and the potential for Copilot to transform user interactions with software. The conversation highlights the balance between innovation and ethical considerations in AI development.
Microsoft is leveraging AI agents to enhance DevOps processes, which is leading to significant advancements in automation and efficiency within software development and operations. These AI agents are designed to streamline workflows and improve collaboration among teams, showcasing a competitive edge in the evolving tech landscape.
Microsoft has entered into $33 billion worth of agreements with various cloud companies, including Nebius and CoreWeave, to secure significant resources for its AI initiatives. Notably, the deal with Nebius ensures the acquisition of 100,000 NVIDIA GB300 chips for internal use, further strengthening Microsoft's position in the AI sector.
GitHub is set to be fully integrated into Microsoft’s organizational structure, with CEO Thomas Dohmke announcing his departure to pursue new ventures. He will remain until the end of 2025 to assist with the transition, as GitHub's leadership will report to multiple executives within Microsoft's CoreAI division. GitHub was acquired by Microsoft in 2018 for $7.5 billion.
Microsoft is testing its own AI model, MAI-1-preview, to reduce its reliance on OpenAI's technology for its Copilot assistant. The model is currently being evaluated on LMArena and aims to enhance Microsoft's AI offerings while competing with other major players in the field. Microsoft continues to support OpenAI but acknowledges the growing competition between the two companies.
Registration for Microsoft Build has closed, and the event has ended. Interested individuals can sign up to be notified about future registration openings and explore on-demand content from the event. For any questions, there is a contact email provided, and privacy concerns related to GDPR are addressed through a link to Privacy Management.
Microsoft is set to lay off several thousand employees, primarily in its sales department, as part of a restructuring aimed at optimizing its workforce while advancing its costly artificial intelligence initiatives. This move follows a previous reduction of 10,000 jobs in January 2023 and comes just before the start of the company's new fiscal year in July.
The article introduces Copilot Mode in Microsoft Edge, a new browsing feature that enhances user experience by integrating AI assistance directly into the browser. This mode allows users to easily interact with web content, providing contextual help and streamlining their online activities. The update aims to make web browsing more intuitive and efficient for users.
At LlamaCon, Microsoft CEO Satya Nadella revealed that up to 30% of the company's code is now generated by AI, highlighting a significant shift in software development practices. While AI is improving efficiency and automating repetitive tasks, Nadella emphasized the ongoing need for human oversight to ensure quality and handle complex projects.
Microsoft's August 2025 Patch Tuesday addressed 107 vulnerabilities, including a critical zero-day in Windows Kerberos that could allow domain administrator privilege escalation. The update also fixed thirteen critical vulnerabilities, predominantly related to remote code execution and information disclosure, highlighting ongoing security challenges for Windows users.
A new tool called 'Defendnot' tricks Windows into disabling Microsoft Defender by registering a fake antivirus product using an undocumented Windows Security Center API. Created by researcher es3n1n, it bypasses security features by injecting a dummy antivirus DLL into a trusted system process, effectively leaving devices without active protection. Microsoft Defender has flagged Defendnot as a threat, highlighting vulnerabilities in trusted system features.
Rishi Sunak has been appointed as a senior adviser to Microsoft and AI firm Anthropic, adding to his existing roles with Goldman Sachs and various investment firms. His advisory positions, which come with potential conflicts of interest concerns, will not involve UK policy matters, and he plans to donate his earnings to the Richmond Project charity aimed at promoting social mobility.
Microsoft is actively revamping its security culture as part of its "Secure Future Initiative," emphasizing security as a core employee priority during performance reviews. The company has reported significant advancements in areas such as multi-factor authentication, threat detection, and user experience design to enhance protection against attacks.
The article discusses Microsoft's partnership with Asus in enhancing the Xbox experience through new Windows and Xbox-compatible devices. This collaboration aims to integrate gaming functionalities more deeply into Windows, providing gamers with better tools and experiences. The focus is on optimizing hardware and software to improve overall performance and accessibility for users.
Microsoft is offering free extended security updates for Windows 10 users beyond the operating system's end of support date. This initiative aims to assist organizations in managing their transition to newer systems while ensuring continued protection against vulnerabilities. The updates will be available for specific editions of Windows 10 until 2025.
Microsoft has introduced significant improvements to the dark mode feature in Windows 11, enhancing visual comfort and usability for users. The updates aim to provide a more cohesive and aesthetically pleasing experience across the operating system. Users will benefit from better contrast and a more refined interface while using applications in dark mode.
Microsoft has significantly improved its Recall feature for Windows 11 after initial security concerns, making it opt-in by default, encrypting stored data, and adding automated filters for sensitive information. The feature allows users to capture screenshots and searchable text from their active windows, but it requires specific hardware and settings for optimal functionality. Users can also manage exclusions and storage limits within the app.
Microsoft is launching a project called NLWeb, aimed at integrating more chatbots into webpages to enhance user interactions and streamline online experiences. The initiative focuses on making it easier for businesses to deploy conversational AI on their sites, potentially transforming customer service and engagement.
Barclays has begun deploying Microsoft 365 Copilot to 100,000 of its employees, aiming to enhance productivity and streamline workflows across the organization. This rollout is part of a broader strategy to integrate advanced AI tools into daily operations, ultimately improving efficiency and collaboration among colleagues.
Senator Ron Wyden has criticized Microsoft for delivering "dangerous, insecure software" that contributed to a ransomware attack on Ascension, a major hospital network, and has urged the FTC to investigate the company's cybersecurity practices. Wyden highlighted longstanding vulnerabilities, particularly the use of the outdated RC4 encryption algorithm, and accused Microsoft of prioritizing profits over security while failing to provide adequate protections for its users. He argues that Microsoft's dominance in the enterprise operating system market poses a significant national security risk due to its negligence in addressing these issues.
Microsoft has identified a new malware, Lumma, which has been found on approximately 394,000 Windows PCs. The Lumma password stealer is designed to capture sensitive login information, raising significant security concerns for users. Microsoft is urging users to take precautions to protect their devices from this threat.
Microsoft is reportedly a significant holdout in OpenAI's restructuring plan, as the tech giant navigates its partnership and investment strategies amid changing dynamics in the AI sector. This tension may impact future collaborations and innovations in artificial intelligence.
Microsoft’s Copilot for M365 has a significant vulnerability that allows users to access files without leaving an audit log entry, posing serious security and compliance risks. Despite fixing the issue, Microsoft has chosen not to inform customers or disclose the vulnerability publicly, raising concerns about their transparency and responsibility regarding security practices. The article details the author’s frustrating experience reporting the vulnerability and highlights the implications for organizations relying on accurate audit logs.
Microsoft is facing significant challenges in advancing its artificial intelligence capabilities beyond prototype stages. The company needs to address issues related to integration, user experience, and scalability to fully realize its AI potential and maintain competitiveness in the tech landscape.
Microsoft Entra Private Access enhances security by integrating conditional access for on-premises Active Directory environments. This new feature aims to provide organizations with better control and protection over user access to critical resources. The implementation reflects a growing emphasis on zero-trust security models in enterprise environments.
Microsoft has announced significant upgrades to its Azure security protocols, including the purging of dormant tenants and the rotation of keys to prevent future breaches, particularly following a nation-state hack. The company claims to have made substantial progress on its Secure Future Initiative, focusing on enhanced authentication and defenses against potential attack vectors.
Microsoft is initiating a pilot program for a new AI marketplace aimed at compensating publishers for their content used by AI products, starting with its Copilot assistant. This move could mark a significant step towards creating a sustainable business model for content in the AI era, especially as the media industry seeks tech company involvement in marketplace operations.
Microsoft has resolved a boot issue affecting Linux on dual-boot systems with Secure Boot enabled after the August 2024 Windows security updates. The problem stemmed from an incorrectly applied Secure Boot Advanced Targeting update, which has now been fixed in the May 2025 Patch Tuesday updates. Users are advised to update their devices to incorporate this resolution.
Microsoft has resolved a bug affecting the 'Print to PDF' feature on Windows 11 24H2 systems, which surfaced after the April 2025 preview update. The fix is included in the KB5060829 cumulative update, and users can also manually enable the feature if they wish to avoid installing the June optional update. Additionally, previous printing issues related to USB printers were addressed by Microsoft in March.
Microsoft has launched a new feature in its Edge browser called Copilot Mode, which integrates AI capabilities to enhance user experience. This mode aims to provide smarter browsing by offering personalized suggestions, summarizing information, and assisting with various tasks directly within the browser interface.
Microsoft is investigating a global outage affecting access to the Exchange Admin Center, designated as a critical service issue. Administrators are encountering "HTTP Error 500" when trying to log in, but some have found a workaround via a different URL. Microsoft is working on solutions and has started redirecting traffic to restore access temporarily.
Audio designers at Microsoft are revolutionizing digital experiences by integrating sound into the design process, shaping user interactions and emotional engagement. This approach transforms sound from a mere functional element into a cohesive auditory experience that enhances products and resonates with users. Through initiatives like the Figma Sound Library, Microsoft is ensuring that sound design is a fundamental component of digital interfaces, much like visuals and typography.
Microsoft has launched a new AI browser that closely resembles OpenAI's recently unveiled Atlas, raising questions about originality and competition in the AI space. The new browser incorporates advanced features and functionalities that mirror those of Atlas, highlighting the rapid evolution and intense rivalry among tech giants in artificial intelligence development.
AI agents are evolving to become more autonomous, capable of proactively solving problems and improving workflows across various fields. To support this shift, OAuth 2 standards need to be updated to accommodate the unique authorization requirements of these intelligent systems, ensuring secure and granular access permissions. Microsoft emphasizes the importance of collaboration within the OAuth community to develop these necessary enhancements for a secure future of AI agents.
Microsoft has intensified its competition in the AI sector by hiring over 20 engineers from Google's DeepMind, including the former head of the Gemini chatbot team, Amar Subramanya. This strategic move not only strengthens Microsoft's AI capabilities but also poses a significant challenge to Google, as the tech industry experiences a fierce talent war marked by high-profile poaching and shifting motivations among top talent.
OpenAI is expanding its image-generating feature, gpt-image-1, to other developers and applications, including Adobe's Firefly and tools like Figma and Wix. This follows a surge in usage where over 130 million users created 700 million images in just the first week. Additionally, Microsoft will integrate OpenAI's image generation into its Microsoft 365 Copilot app, enhancing competition with Google in the generative AI market.
Microsoft will require employees to return to the office at least three days a week, starting with those near its Seattle headquarters in February 2026. This decision marks a shift in the company's remote work policy, which was previously more flexible compared to other tech giants. Employees can request exceptions to this mandate, but the new policy reflects increased pressure for in-person collaboration.
Microsoft is undergoing a transition within its GitHub division, with Thomas Dohmke resigning from his position as CEO of GitHub. This shift comes as the company aims to refocus its efforts on the CoreAI team, indicating a strategic realignment in its approach to artificial intelligence and development tools.
Microsoft is addressing an outage affecting its Azure Front Door CDN, which has disrupted access to various Microsoft 365 services across Europe, Africa, and the Middle East. As of the latest updates, the company has restored approximately 98% of the service and is actively monitoring for full recovery, with the outage affecting only about 4% of previously impacted customers. The incident has been officially mitigated, and users have reported resolution of access issues.
Recent attacks linked to Chinese hacking groups have exploited a zero-day vulnerability in Microsoft SharePoint, breaching numerous organizations globally. The vulnerabilities, identified as CVE-2025-49706 and CVE-2025-49704, were actively targeted by multiple threat actors, prompting Microsoft and CISA to release emergency patches and recommend immediate action for affected entities.
Microsoft is investigating a licensing issue affecting some users with Microsoft 365 Family subscriptions, who are mistakenly told their subscriptions have expired despite them being active. The company acknowledged the problem and is working to isolate its cause, advising users to restart apps or browsers for potential relief.
The article discusses Microsoft's implementation of the Pact framework, highlighting its benefits for creating consumer-driven contracts in microservices. It emphasizes the importance of ensuring compatibility between services and the advantages of using Pact in software development workflows. Additionally, it provides insights into best practices for integrating Pact into existing systems.
A critical flaw in Microsoft Entra ID, involving undocumented actor tokens and a vulnerability in the Azure AD Graph API, allowed potential global access to any organization's tenant without leaving logs of the actions taken. Security researcher Dirk-jan Mollema discovered that these actor tokens could be exploited to impersonate users, including Global Administrators, leading to severe security risks. Microsoft has since patched the vulnerability and is in the process of deprecating the affected API service.
Microsoft is rolling out a passwordless sign-in option for its services, utilizing passkeys as the default authentication method. This move aims to enhance security and simplify the login process for users by eliminating traditional passwords. The transition is part of a broader industry trend toward more secure and user-friendly authentication methods.
Microsoft is introducing a feature for Teams that will block users from taking screenshots during meetings, displaying a black screen instead. This functionality, aimed at protecting sensitive information, will roll out to various platforms in July 2025. While it prevents screenshots, users can still capture information using external devices like cameras.
Microsoft Office has unveiled a new set of icons that showcase a chic and modern aesthetic, drawing comparisons to Apple's liquid glass design. The redesign aims to enhance user experience and align with contemporary design trends, making the software feel more visually appealing and cohesive.
Microsoft has revealed plans for the future of Windows, showcasing features that will allow computers to perceive the environment, including seeing and hearing like humans, and enabling conversational interactions. This advancement aims to enhance user experience and transform how people interact with their devices, making technology more intuitive and responsive.
Microsoft has announced a new return-to-office (RTO) policy requiring employees to work in the office three days a week. This decision is based on data indicating that in-person collaboration enhances energy, empowerment, and productivity, particularly in the context of innovation in the AI era.
Microsoft has launched its "Wave 2" spring release for Microsoft 365 Copilot, enhancing human-agent collaboration with new features like specialized reasoning agents, AI-powered enterprise search, and a redesigned user interface. The introduction of an "Agent Store" and Copilot Notebooks underscores a shift towards a more integrated ecosystem of AI tools tailored for complex tasks, emphasizing Microsoft's vision of AI as collaborative partners in the workplace.
The article discusses a recent advertisement by Microsoft that utilizes generative AI technology. It explores how AI is being integrated into marketing strategies and the implications of using such technology in advertising campaigns. The focus is on the blend of creativity and technology in engaging audiences.
Huawei aims to surpass one billion users with its upcoming HarmonyOS, as the company transitions away from using Microsoft Windows due to restrictions. This new operating system is part of Huawei's strategy to enhance its ecosystem and maintain competitiveness in the global market.
In 1997, Microsoft invested $150 million in Apple, which seemed like a lifeline for the struggling company, but the deal was part of a strategic negotiation that involved settling patent disputes and ensuring both companies' survival. The investment not only kept Apple afloat but also allowed Microsoft to avoid antitrust issues, ultimately shaping the tech landscape for the next two decades.
Hackers are employing a sophisticated phishing technique that leverages legitimate Microsoft links and Active Directory Federation Services (ADFS) to redirect users to a counterfeit site designed to steal Microsoft 365 logins. By utilizing a trusted domain for redirection, attackers can bypass standard security measures, including multi-factor authentication. Researchers recommend monitoring for ADFS redirects and scrutinizing Google ads for potential malicious links.
Microsoft has officially changed the notorious "Blue Screen of Death" (BSOD) to a "Black Screen of Death" (BSoD) in its latest Windows update. This change is part of an effort to improve user experience and reduce confusion when system failures occur. The transition aims to modernize the error screen display while maintaining the functionality that users rely on during critical system errors.
OpenAI has completed its recapitalization, solidifying its nonprofit status through the newly established OpenAI Foundation, which retains a controlling stake in its for-profit entity now called OpenAI Group PBC. Microsoft, a major investor, supports this structure and will not have first rights to OpenAI's computing services, while both companies will collaborate on developments including independent paths toward achieving Artificial General Intelligence (AGI).
Microsoft has introduced a new AI assistant named "Mico," which aims to enhance productivity by integrating features similar to its predecessor, Clippy. Mico leverages advanced AI capabilities to assist users in various tasks, bridging the gap between traditional office tools and modern technology.
A critical unauthenticated path traversal vulnerability was discovered in Microsoft's NLWeb framework, allowing remote users to access sensitive files through malformed URLs. This incident highlights the potential severity of classic vulnerabilities in the context of AI-driven systems, underscoring the need for rigorous security practices as the Agentic Web evolves.
Signal Messenger has implemented a default block on screenshot capabilities for its Windows Desktop app to protect user privacy from the newly introduced Recall AI tool in Windows 11, which poses risks by capturing and storing user data. Users can manually enable screenshots if needed, but Signal emphasizes the need for this protection due to insufficient improvements in Recall's design despite previous criticisms.
Microsoft has confirmed a significant issue with Windows Server Update Services (WSUS) that is preventing organizations from successfully syncing with Microsoft Update to deploy Windows updates. The problem is attributed to a faulty update revision, and while Microsoft is currently working on a fix, no workarounds are available at this time. An update later confirmed that a server-side fix has resolved the issue.
Microsoft is adopting a strategy of trailing behind leading AI developers like OpenAI, focusing on optimizing their technology for specific use-cases rather than competing directly. CEO Mustafa Suleyman emphasizes the cost-effectiveness of this approach, while also highlighting the importance of developing Microsoft's own models like the Phi series for future AI self-sufficiency. The partnership with OpenAI will continue for at least another five years, during which Microsoft aims to build supporting applications and frameworks around AI technologies.
The article discusses the end of the infamous "Blue Screen of Death" in Windows operating systems, highlighting the transition to a more user-friendly error reporting system. It emphasizes how this change reflects Microsoft's efforts to improve user experience and system reliability.
A flaw in Microsoft OneDrive's file picker has been discovered, which could potentially allow attackers to exploit the feature for unauthorized access to files. This vulnerability highlights the need for improved security measures within cloud storage services to protect user data from malicious activities.
Microsoft has open-sourced the GitHub Copilot Chat extension for VS Code under the MIT license, allowing the community to access its full implementation and telemetry mechanisms. This move is part of Microsoft's plan to integrate AI features into the popular code editor, which has seen significant growth in the open-source AI ecosystem. While the original GitHub Copilot extension remains closed for now, Microsoft plans to transition its functionality into the open-source chat extension in the coming months.
Microsoft has transitioned its vulnerable driver block list from a browsable web page to a downloadable ZIP file, complicating its integration with SIEM tools. This project automates the downloading and processing of the block list, converting the data into CSV and JSON formats for easier usage in security applications. Weekly updates ensure that users have access to the latest driver information, including key attributes and cryptographic hashes.
Microsoft is set to lay off approximately 9,000 workers, following the elimination of around 6,000 roles in May. This latest round of job cuts affects less than 4% of the company's global workforce and spans various levels and teams, with notable reductions in the gaming segment.
Microsoft has introduced the Microsoft Agent Framework, an open-source SDK and runtime that unifies the strengths of its Semantic Kernel and AutoGen projects, allowing developers to build, deploy, and manage sophisticated multi-agent systems. This framework addresses the need for enterprise readiness, offering built-in observability, compliance, and extensibility while supporting both innovative and structured workflows for various applications.
A new phishing method called 'CoPhish' exploits Microsoft Copilot Studio agents to issue fraudulent OAuth consent requests, allowing attackers to steal session tokens through social engineering tactics. Researchers from Datadog Security Labs have highlighted the risks associated with Copilot Studio's flexibility and noted that Microsoft plans to address these vulnerabilities in future updates. Users are advised to limit administrative privileges and enforce stricter governance policies to mitigate the risks.
Microsoft has introduced the Microsoft Marketplace, a comprehensive platform that connects thousands of solutions with millions of customers. This initiative aims to streamline the process for businesses to discover and implement various software solutions tailored to their needs. The Marketplace is designed to enhance user experience and foster innovation in the tech ecosystem.
Sam Altman and Satya Nadella, once collaborators in the AI boom, are facing tensions over Microsoft's support and future direction regarding OpenAI. As both CEOs prepare for more independent paths, their relationship is strained by competition and differing priorities in the AI landscape.
Google is implementing a security feature in Chromium that prevents Google Chrome from running with administrative permissions by automatically "de-elevating" the browser upon launch. This change, inspired by a similar feature in Microsoft's Edge browser, aims to mitigate security risks associated with running the browser as an administrator, which can lead to malicious files executing with full system access.
Microsoft is developing an AI prototype called Project Ire, designed to autonomously reverse-engineer malware without human intervention. This initiative aims to enhance cybersecurity by quickly analyzing and understanding malicious software to improve defenses against cyber threats.
Russian hackers have been exploiting vulnerabilities in Microsoft's OAuth 2.0 authentication framework, allowing them to access sensitive information from targeted accounts. This ongoing attack poses significant security risks for organizations using Microsoft services, emphasizing the need for enhanced security measures and awareness.
Microsoft has lifted a compatibility hold that prevented devices with integrated cameras from installing Windows 11 24H2 due to a face detection bug that caused app freezes. The company confirmed the bug and has now fixed the issue, allowing eligible devices to update via the Windows Update release channel. However, some compatibility holds remain for other software and drivers.
Microsoft and Cloudflare have collaborated to take down the Raccoon365 phishing service, which targeted Microsoft 365 users. This operation aimed to protect users from credential theft and enhance overall cybersecurity measures against such phishing threats. The dismantling of Raccoon365 marks a significant step in combating cybercrime related to phishing schemes.
Microsoft has acknowledged that its October security updates have disabled USB mice and keyboards in the Windows Recovery Environment (WinRE), rendering it unusable for troubleshooting. In response, an emergency update (KB5070773) has been released to address the issue, while users are advised to switch to Bluetooth or PS/2 devices in the meantime. A fix is expected to be available soon.
To deploy AI safely, organizations should understand potential risks and create a comprehensive management plan that includes the entire system and its human components. Key principles involve continuous risk assessment, creating a written safety plan, and adapting strategies to address both conventional and AI-specific challenges, such as inherent errors in AI systems. Practical guidance and resources for safe AI deployment are also highlighted in the ongoing series from Microsoft’s Deputy CISOs.
The article discusses Microsoft's initiative called Elevate Washington, which aims to enhance access to technology and digital skills for underserved communities in Washington State. Through partnerships with local organizations, the program seeks to empower individuals with the tools and knowledge needed to thrive in a digital economy.