A pair of flaws in Microsoft's Entra ID identity and access management system could have allowed an attacker to gain access ...

Microsoft September 2025 Patch Tuesday fixes 81 vulnerabilities including two zero-days in Windows SMB and SQL Server ...

Microsoft patched CVE-2025-50165, an “extremely high-risk” memory corruption flaw in its graphics component that could let attackers execute code over the network.

An elevation of privilege vulnerability in the Windows NTLM authentication protocol and a flaw in Office’s Preview Pain are ...

Microsoft's Security blog states the exploit could in theory be used to allow for a "remote code execution if users browse to a malicious website with an affected browser." Computerworld.com reports ...

A warning has been issued to Microsoft users detailing a cybersecurity flaw that allowed hackers to access its SharePoint servers, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) ...

Dozens of organizations appear to have been affected over the past few days by hackers targeting Microsoft server software. Microsoft said in a post on its website on Saturday that it was “aware of ...

Microsoft said that legal actions initiated by its Digital Crimes Unit to handle cybercrime activities using the exploitation of generative artificial intelligence techniques The company's release ...

Hackers are exploiting Microsoft’s Active Directory Federation Services (ADFS) alongside legitimate office.com redirects to trick users into handing over Microsoft 365 credentials, researchers have ...

The bug allows hackers to inject malware onto any system if they manage to trick users into visiting booby-trapped websites. Anyone with Internet Explorer (IE) 6 to 8 is potentially affected. The code ...

Microsoft Threat Intelligence has revealed details of a now patched but previously unknown macOS vulnerability that could have allowed attackers to bypass Apple Inc.’s System Integrity Protection in ...