Microsoft gives the FBI the ability to decrypt BitLocker in response to court orders: about twenty times per year.
Itβs possible for users to store those keys on a device they own, but Microsoft also recommends BitLocker users store their keys on its servers for convenience. While that means someone can access their data if they forget their password, or if repeated failed attempts to login lock the device, it also makes them vulnerable to law enforcement subpoenas and warrants.
Microsoft has confirmed that a known issue preventing some Windows 11 devices from shutting down also affects Windows 10 systems with Virtual Secure Mode (VSM) enabled. [...]
Microsoft has fixed a known issue that was causing the password sign-in option to disappear from the lock screen options after installing Windows 11 updates released since August 2025. [...]
Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due toΒ security vulnerabilities that expose organizations to cyberattacks. [...]
Microsoft has fixed a known issue that prevented Microsoft 365 customers from opening encrypted emails in classic Outlook after a recentΒ update. [...]
Microsoft has released the KB5074105 preview cumulative update for Windows 11 systems, which includes 32 changes, including fixes for sign-in, boot, and activation issues. [...]
Microsoft has linked recent reports of Windows 11 boot failures after installing the January 2026 updates to previously failed attempts to install the December 2025 security update, which left systems in an "improper state." [...]
Microsoft issued an emergency patch for a high-severity zero-day vulnerability in Office that allows attackers to bypass document security checks and is being exploited in the wild via malicious files.
Microsoft pushed the emergency patch for the zeroβday, tracked as CVE-2026-21509, and classified it as a βMicrosoft Office Security Feature Bypass Vulnerabilityβ with a CVSS score of 7.8 out of 10.
The flaw allows attackers to bypass Object Linking and Embedding (OLE) mitigations that are designed to block unsafe COM/OLE controls inside Office documents. This means a malicious attachment could infect a PC despite built-in protections.
In a real-life scenario, an attacker creates a fake Word, Excel, or PowerPoint file containing hidden βminiβprogramsβ or special objects. They can run code and do other things on the affected computer. Normally, Office has safety checks that would block those mini-programs because theyβre risky.
However, the vulnerability allows the attacker to tweak the fileβs structure and hidden information in a way that tricks Office into thinking the dangerous miniβprogram inside the document is harmless. As a result, Office skips the usual security checks and allows the hidden code to run.
As code to test the bypass is publicly available, increasing the risk of exploitation, users are under urgent advice to apply the patch.
Updating Microsoft 365 and Office
How to protect your system
What you need to do depends on which version of Office youβre using.
The affected products include Microsoft Office 2016, 2019, LTSC 2021, LTSC 2024, and Microsoft 365 Apps (both 32βbit and 64βbit).
Office 2021 and later are protected via a serverβside change once Office is restarted. To apply it, close all Office apps and restart them.
Office 2016 and 2019 require a manual update. Run Windows Update with the option to update other Microsoft products turned on.
If youβre running build 16.0.10417.20095 or higher, no action is required. You can check your build number by opening any Office app, going to your account page, and selecting About for whichever application you have open. Make sure the build number at the top reads 16.0.10417.20095 or higher.
What always helps:
Donβt open unsolicited attachments without verifying them with a trusted sender.
Treat all unexpected documents, especially those asking to βenable contentβ or βenable editing,β as suspicious.
Keep macros disabled by default and only allow signed macros from trusted publishers.
Microsoft issued an emergency patch for a high-severity zero-day vulnerability in Office that allows attackers to bypass document security checks and is being exploited in the wild via malicious files.
Microsoft pushed the emergency patch for the zeroβday, tracked as CVE-2026-21509, and classified it as a βMicrosoft Office Security Feature Bypass Vulnerabilityβ with a CVSS score of 7.8 out of 10.
The flaw allows attackers to bypass Object Linking and Embedding (OLE) mitigations that are designed to block unsafe COM/OLE controls inside Office documents. This means a malicious attachment could infect a PC despite built-in protections.
In a real-life scenario, an attacker creates a fake Word, Excel, or PowerPoint file containing hidden βminiβprogramsβ or special objects. They can run code and do other things on the affected computer. Normally, Office has safety checks that would block those mini-programs because theyβre risky.
However, the vulnerability allows the attacker to tweak the fileβs structure and hidden information in a way that tricks Office into thinking the dangerous miniβprogram inside the document is harmless. As a result, Office skips the usual security checks and allows the hidden code to run.
As code to test the bypass is publicly available, increasing the risk of exploitation, users are under urgent advice to apply the patch.
Updating Microsoft 365 and Office
How to protect your system
What you need to do depends on which version of Office youβre using.
The affected products include Microsoft Office 2016, 2019, LTSC 2021, LTSC 2024, and Microsoft 365 Apps (both 32βbit and 64βbit).
Office 2021 and later are protected via a serverβside change once Office is restarted. To apply it, close all Office apps and restart them.
Office 2016 and 2019 require a manual update. Run Windows Update with the option to update other Microsoft products turned on.
If youβre running build 16.0.10417.20095 or higher, no action is required. You can check your build number by opening any Office app, going to your account page, and selecting About for whichever application you have open. Make sure the build number at the top reads 16.0.10417.20095 or higher.
What always helps:
Donβt open unsolicited attachments without verifying them with a trusted sender.
Treat all unexpected documents, especially those asking to βenable contentβ or βenable editing,β as suspicious.
Keep macros disabled by default and only allow signed macros from trusted publishers.
Microsoft plans to introduce a call reporting feature in Teams by mid-March, allowing users to flag suspicious or unwantedΒ calls as potential scams or phishing attempts. [...]
Microsoft heeft het netwerk achter de gevreesde Lumma- malware ontmanteld. Dat gebeurde in samenwerking met autoriteiten in meerdere landen. Cybercriminelen gebruiken de malware om bijvoorbeeld wachtwoorden en cryptowallets van Windows -gebruikers te stelen.
Microsoft heeft nieuwe beveiligingsfuncties aangekondigd van zijn AI -assistent Copilot. Elf zogeheten AI-agents kunnen helpen bij gegevensbeveiliging en het tegengaan van zaken als phishing , identiteitsdiefstal en datalekken.
rvrsh3ll //Β IntroductionΒ This blog post is intended to give a light overview of device codes, access tokens, and refresh tokens. Here, I focus on the technical how-to for standing [β¦]
Sally VandevenΒ // We have all heard people talk about how much cooler Linux is than Windows, so much easier to use, etc. Well, they are not necessarily wrongβ¦ but we [β¦]
Sally Vandeven & David Fletcher // This is the podcast version of Sally & Davidβs webcast. For the whole webcast see our webcast post. Links that are mentioned in this [β¦]
David Fletcher & Sally Vandeven// Join David βFletchβ and Sally as they explore the cornucopia of wonderful, free tools in the SysInternals Suite that conveniently are signed by Microsoft and [β¦]
Carrie Roberts* // Can you think of a reason why you might want to put a lengthy comment into the properties of an MS Office document? If you can, then [β¦]