enterprise security

Microsoft’s Copilot agent governance has slid into the spotlight after multiple, independent reports found that tenant-level policies intended to prevent user access to AI agents were not reliably enforced — a misconfiguration and control-plane gap that left some Copilot Agents discoverable or...

Microsoft has quietly begun testing a conversational, meaning‑aware file and image search inside the Copilot app on Windows 11, a change that lets you describe what you’re looking for instead of hunting for exact filenames — and it’s arriving first to Copilot+ PCs as a staged Windows Insider...

Microsoft quietly patched a vulnerability in Microsoft 365 Copilot that allowed the assistant to read and summarize enterprise files without producing the expected Purview audit entry — a gap that, if exploited, could let insiders or attackers extract sensitive data while leaving no trace in...

A high-severity memory-corruption flaw in Chromium’s V8 JavaScript engine, tracked as CVE-2025-9132, has been patched in the Chrome 139 stable update; the vulnerability is an out‑of‑bounds write that can lead to heap corruption and, in the worst case, remote code execution when a user visits a...

Microsoft’s August 2025 Intune update materially expands the platform’s security controls and enrollment ergonomics, delivering four headline features—granular App Control targeting, automatic patching during device setup, near‑real‑time Apple software update visibility via Declarative Device...

Microsoft has made the Model Context Protocol (MCP) a first‑class citizen in Visual Studio, shipping general availability support that lets Copilot Chat and other agentic features connect to local or remote MCP servers via a simple .mcp.json configuration — a major convenience for developers...

TÜV SÜD’s decision to fold Microsoft Defender and Microsoft Security Copilot into its global security operations marks a clear bet on AI-augmented defense: the German testing, inspection, and certification giant reports faster investigations, consistent reporting, and a rapid ramp-up for junior...

Copilot Vision is the clearest sign yet that Microsoft wants your PC to be an active, visual partner — not just a passive tool — and that ambition already makes a meaningful difference in real-world workflows while raising important questions about reliability, privacy, and when to trust a...

The NFL’s long-running technology relationship with Microsoft has formally entered an AI-first phase, as a multiyear extension folds Microsoft Copilot, Azure AI services, and an expanded Surface device footprint into sideline operations, scouting workflows, broadcast tooling, and front-office...

A security researcher’s routine Copilot query revealed a startling blind spot in Microsoft’s logging: under certain prompts, Copilot could return file summaries without leaving the expected Purview audit entry — and, according to the researcher, Microsoft quietly rolled out a fix without issuing...

Microsoft’s expanded deal with the NFL is not a simple renewal — it’s an explicit push to fold generative AI and cloud-first tools deeper into the game-day workflow, from the sideline to scouting rooms and front-office operations. Background The partnership between Microsoft and the NFL dates...

Microsoft employees have erected a protest encampment on the company’s Redmond campus, turning a high-profile workplace dispute over Israel ties into a public test of Microsoft’s ethics, governance, and operational transparency. protest is the latest escalation in a year-long campaign by...

Microsoft has confirmed a regression in the August 2025 security updates that can break built‑in reset and recovery operations on several still‑supported Windows client branches, forcing administrators and home users to pause certain recovery workflows while the company prepares an out‑of‑band...

Microsoft’s Snipping Tool appears poised to flip the traditional screenshot workflow by letting you draw and highlight on the live screen before you capture it — a change that promises faster annotation, tighter AI integrations, and a more pen‑friendly experience across Windows devices...

Microsoft’s Snipping Tool is being readied to let you draw directly on the live screen before you capture it — a change that would flip the traditional screenshot workflow and bring the app closer to dedicated third‑party capture utilities and inking-first workflows already familiar to tablet...

Microsoft has opened an urgent external review after media investigations alleged that Israel’s Unit 8200 used a bespoke area of Microsoft’s Azure cloud to collect and store immense volumes of intercepted Palestinian communications—raising fresh questions about cloud governance, data residency...

Microsoft's vision for Windows is no longer limited to desktops or a single input device — it's a multi-layered strategy that stitches cloud-first hardware, on-device AI accelerators, and richer multimodal interactions into a single computing continuum meant to be more ambient, private, and...

Chromium security teams fixed a high‑risk out‑of‑bounds write in the ANGLE graphics translation layer (tracked as CVE‑2025‑8901), and users of Chromium‑based browsers — including Microsoft Edge after Microsoft ingests the Chromium update — must upgrade to the patched builds (Chrome...

A race condition in V8, tracked as CVE‑2025‑8880, was disclosed by the Chromium team and fixed upstream in Chrome Stable — the flaw could allow a remote attacker to execute code inside the browser sandbox via a crafted webpage, and Chromium-based browsers (including Microsoft Edge) are advised...

A newly recorded Chromium vulnerability, tracked as CVE-2025-8881, exposes a weakness in the browser’s File Picker implementation that can be coaxed into leaking cross‑origin data when a user is tricked into specific UI gestures on a crafted page; the bug affects Google Chrome builds prior to...