Security News

Microsoft has reminded customers once again that Windows Server, version 20H2, will be reaching its End of Service in less than a month, on August 9. "On August 9, 2022, all editions of Windows Server, version 20H2 will reach end of servicing. The upcoming August 2022 security update, to be released on August 9, 2022, will be the last update available for this version," Microsoft said in a Windows message center update this week.

In a preliminary post-incident report, Microsoft has revealed that this week's 5-hour-long Microsoft 365 worldwide outage was triggered by a faulty Enterprise Configuration Service deployment that led to cascading failures and availability impact across multiple regions. ECS is an internal central configuration repository designed to enable Microsoft services to make wide-scope dynamic changes across multiple services and features, as well as targeted ones such as specific configurations per tenant or user.

Microsoft is shutting the door on a couple of routes cybercriminals have used to attack users and networks. The issue of macros has become a particularly gnarly one for the software giant.

Microsoft has officially resumed blocking Visual Basic for Applications macros by default across Office apps, weeks after temporarily announcing plans to roll back the change. Earlier this February, Microsoft publicized its plans to disable macros by default in Office applications such as Access, Excel, PowerPoint, Visio, and Word as a way to prevent threat actors from abusing the feature to deliver malware.

Microsoft warned that starting with this week's optional preview updates, temporary mitigation provided one year ago to address Windows Server printing issues on non-compliant devices will be removed, potentially breaking printing. As Redmond explained last year, a known issue might cause print and scan failures on multiple Windows Server versions after installing the July 2021 security updates on Windows domain controllers.

Microsoft is rolling out a fix for a known issue that caused MS Access runtime applications not to open after installing July 2022's Patch Tuesday Office/Access security updates. Based on user complaints on Microsoft's official community website and Reddit, the KB5002112 and KB5002121 updates are the ones triggering this issue for MS Access 2016 and MS Access 2013, respectively.

"Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors," David Weston of Enterprise and OS Security at Microsoft, announced, just as the company confirmed that it will resume the rollout of the default blocking of VBA macros obtained from the internet. Brute-forced RDP access and malicious macros have for a long time been two of the most popular tactics used by threat actors to gain unauthorized access to Windows systems.

Strange things are afoot in the world of Microsoft email with multiple users reporting unusual sign-in notifications for their Outlook accounts. While an unusual sign-in activity email should always be treated with suspicion, the twist here is that the IP address at the root of the issue appears to originate within Microsoft itself.

What initially started like a minor Microsoft Teams outage has also taken down multiple Microsoft 365 services with Teams integration, including Exchange Online, Windows 365, and Office Online."We've received reports of users being unable to access Microsoft Teams or leverage any features," the company revealed on its official Microsoft 365 Status Twitter account more than 8 hours ago.

End users can find more information on the next steps after macros are blocked in a downloaded Office document on the A potentially dangerous macro has been blocked support page. IT admins can find dedicated documentation on the Macros from the Internet will be blocked by default in Office page.