Microsoft Security

Microsoft Fixes Entra ID Role Vulnerability That Allowed Service Principal Takeover

Microsoft has addressed a critical security weakness in its Entra ID platform that could have allowed attackers to gain control over service principals and escalate privileges within enterprise environments. The issue, uncovered by cybersecurity firm Silverfort, involved a built-in administrative role designed for managing artificial intelligence driven identities. Understanding the Role and the Risk The vulnerability […]

Microsoft Fixes Entra ID Role Vulnerability That Allowed Service Principal Takeover Read More »

Microsoft Confirms Active Exploitation of Windows Shell Vulnerability CVE-2026-32202

Microsoft has officially updated its security advisory to confirm that a recently patched vulnerability in Windows Shell has been actively exploited in real-world attacks. The flaw, identified as CVE-2026-32202, highlights ongoing risks within Windows environments despite recent security updates. Details of the Vulnerability The issue, assigned a CVSS score of 4.3, is categorized as a

Microsoft Confirms Active Exploitation of Windows Shell Vulnerability CVE-2026-32202 Read More »

Microsoft Releases Security Updates Fixing SharePoint Zero-Day and 168 Additional Vulnerabilities

Microsoft has released its latest Patch Tuesday security updates, addressing a total of 169 vulnerabilities across its software ecosystem. Among these is a zero-day vulnerability in SharePoint Server that is currently being exploited in real-world attacks. Breakdown of Vulnerabilities Out of the 169 identified flaws: A large portion of these issues, around 93 vulnerabilities, are related to privilege escalation. Other

Microsoft Releases Security Updates Fixing SharePoint Zero-Day and 168 Additional Vulnerabilities Read More »