Security News

A PoC exploit for CVE-2023-21716, a critical RCE vulnerability in Microsoft Word that can be exploited when the user previews a specially crafted RTF document, is now publicly available.Patches for the flaw - which affects a wide variety of MS Office and SharePoint versions, Microsoft 365 Apps for Enterprise and other products - have been released by Microsoft last month.

The seemingly innocuous Microsoft OneNote file has become a popular file format used by hackers to spread malware and breach corporate networks. To give a little background on how we got to Microsoft OneNote files becoming the tool of choice for malware-distributing phishing attacks, we first need to explain how we got here.

Microsoft is testing a new and modern-looking Windows 11 volume mixer accessible via the taskbar Quick Settings panel that helps adjust the volume on a per-app basis and switch between audio devices. Testers need to open the Quick Settings panel to access it after clicking the volume icon in the Windows tray or use the new global keyboard shortcut for even faster control.

Microsoft has released out-of-band security updates for 'Memory Mapped I/O Stale Data' information disclosure vulnerabilities in Intel CPUs.The Mapped I/O side-channel vulnerabilities were initially disclosed by Intel on June 14th, 2022, warning that the flaws could allow processes running in a virtual machine to access data from another virtual machine.

Microsoft has added two new utilities to the open-source PowerToys toolset to help Windows users paste text without formatting and make moving the mouse across multiple screens or on ultra-wide monitors easier. As its name implies, the new "Paste as Plain Text" tool can quickly paste the most recent clipboard content as unformatted text into any app.

Microsoft is investigating an ongoing outage blocking Exchange Online customers worldwide from accessing their mailboxes or sending/receiving emails. Affected users see "550 5.4.1 Recipient address rejected: Access denied" errors when trying to send or when receiving messages, starting today at 1:11 PM UTC. "We're investigating an issue wherein users may be unable to access their Exchange Online mailboxes via any connection method. Additional details can be found within the Service Health Dashboard under EX522020," Microsoft tweeted earlier today.

Microsoft has addressed a Windows 11 22H2 known issue causing some apps not to be installed during Windows provisioning. "Using provisioning packages on Windows 11, version 22H2 might not install all expected apps," the company explained in a new update to the Windows Release Health dashboard.

Microsoft announced today that it's integrating the new AI-powered Bing Chat into the Windows 11 search box with the latest Windows feature update. "Today, we take the next major step forward and combine the incredible breadth and ease of use of the Windows PC with the amazing power of the new AI-enhanced Bing to provide hundreds of millions of Windows 11 users the next era of computing," said Microsoft EVP & Chief Product Officer Panos Panay on Tuesday.

Microsoft announced today an early preview of Phone Link for iPhone users available to Windows Insiders running the latest Windows 11 builds. "The preview will begin rolling out to Insiders who have opted in their device into one of the 3 Insider Channels via Settings > Windows Update > Windows Insider Program," Microsoft Senior Program Manager Brandon LeBlanc said.

Microsoft is now force-installing the Microsoft Defender for Individuals application when installing or updating the Microsoft 365 apps."Starting in late February of 2023, the Microsoft Defender app will be included in the Microsoft 365 installer," the company says in a support document updated last week.