Tag

#microsoft

43 stories taggedmicrosoft · page 3 of 3.

AI Security

Microsoft Cages the Agent: MXC, MDASH, and the Push to Govern Autonomous AI at Runtime

Microsoft is shipping a dedicated containment environment for agentic AI workloads, alongside open-source governance frameworks and expanded vulnerability-scanning capabilities — all aimed at reining in what autonomous coding agents can actually do.

2 min
Vulnerabilities

Microsoft Threatened a Bug Hunter With Legal Action. Now It's Walking That Back.

A researcher dropped unpatched zero-days with working exploits. Microsoft's first response was to reach for the lawyers. That went poorly.

2 min
Vulnerabilities

A Dev Flag Left Microsoft Account Tokens Exposed Across Billions of Android Installs

A single misconfigured development setting bypassed token-protection controls in Microsoft's Android apps. The blast radius was massive.

2 min
Vulnerabilities

Microsoft and Researcher Nightmare Eclipse Trade Public Accusations Over Disclosure Gone Wrong

A researcher who published unpatched vulnerability details says Microsoft deleted his accounts and ruined his life. Microsoft says his drops put proof-of-concept code in criminals' hands. Neither is entirely wrong.

3 min
Ransomware

Gentlemen Ransomware Spreads Before It Encrypts — That's the Whole Point

Microsoft's analysis of the Go-based Gentlemen encryptor shows why lateral movement, not file-locking, is now the primary design goal of serious ransomware operations.

2 min
AI Security

Microsoft's New Device Isolation in Defender: A Double-Edged Sword?

Microsoft introduces automatic device isolation in Defender for Endpoint, but potential risks loom.

2 min
AI Security

Microsoft Catches Chatbots Pointing Users at Cryptojacking Sites

A campaign tracked by Microsoft Defender Experts is poisoning AI assistant answers so that download recommendations lead to miner-laden installers.

2 min
Vulnerabilities

SharePoint's latest RCE bug hands attackers the keys with no extra paperwork

CVE-2026-45659 is a deserialization flaw that doesn't ask for much — and that's exactly why Microsoft is shipping fixes across every supported SharePoint Server build.

2 min
AI Security

Microsoft Open-Sources Rampart and Clarity to Embed AI Agent Safety Into Dev Pipelines

Two new tools shift AI red-teaming left, targeting prompt injection and privilege escalation before code ships.

3 min
AI Security

Microsoft Wires Agentic AI Into Edge for Business — With an Audit Leash Attached

A limited preview of Edge for Business introduces Copilot-driven task automation alongside Microsoft Purview controls that log, filter, and block sensitive data before it leaves the tenant.

3 min
Vulnerabilities

When the Hardware Isn't There: Coaxing Vulnerable Drivers Into Range

BYOVD research keeps colliding with a stubborn problem — many kernel drivers refuse to talk unless their device is plugged in. New work shows how to make them talk anyway.

2 min
Vulnerabilities

April Patch Tuesday Lands With 167 Microsoft Fixes, SharePoint Zero-Day Under Attack

BlueHammer Defender bug goes public, Adobe Reader flaw exploited since November, and Chrome ships its fourth zero-day of the year.

2 min
Vulnerabilities

Microsoft Skips a Zero-Day for the First Time in Two Years. Nobody Wants to Talk About Why.

118 fixes shipped, none under active exploit, and a quiet Anthropic project keeps surfacing in vendor briefings. Microsoft, Apple and Oracle declined to discuss it on the record.

3 min
© 2026 Threat Vectr