Microsoft recently acknowledged a vulnerability affecting its email and calendar service Exchange that could allow an attacker to gain significant control over particular organizations' email servers ...

Parts of the federal enterprise are likely susceptible to the flaw that allows hackers to hijack on-premises versions of Active Directory. CISA plans to release an emergency directive on Thursday, ...

Administrators with hybrid Exchange Server environments are urged by Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) to quickly plug a high-severity vulnerability or risk ...

Update, August 10, 2025: This story, originally published on August 7, has been updated with additional information following a demonstration of the shared service principal exploit at the Black Hat ...

Patch Tuesday: Microsoft Addresses 137 Vulnerabilities, Including High-Severity SQL Server RCE Your email has been sent Two SQL Server vulnerabilities raise concerns for data exposure and remote code ...

Microsoft has also offered security patches for 81 categories of vulnerabilities in September 2025 and on Patch Tuesday, two of which are publicly reported zero-day vulnerabilities that are highly ...

Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, ...

Microsoft this week announced it will be bringing its Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering organizations critical protection as they approach ...