entra id

HP’s silent OneAgent update for a subset of its new “AI PC” laptops accidentally removed Microsoft-issued certificates and, in some cases, severed devices’ trust with Microsoft Entra ID — forcing HP to pull the patch, assist affected customers, and leave IT teams re-checking their assumptions...

HP quietly pulled a Windows update for its HP OneAgent after the package’s cleanup script removed legitimate Microsoft certificates — including tenant-specific Entra ID/Intune certificates — causing some HP “AI PC” devices to lose their Entra ID (Azure AD) join and preventing corporate sign‑in...

Microsoft’s Entra ID will let administrators create multiple, group‑scoped passkey profiles — a move that shifts passkey (FIDO2) controls from a single tenant‑wide setting to a flexible, profile-based model and introduces a broader acceptance of attestation formats when Enforce attestation is...

Microsoft Azure customers reported widespread trouble accessing the Azure Portal and other services on October 9, 2025, after Microsoft confirmed a capacity loss in Azure Front Door (AFD) that produced intermittent portal outages and downstream service degradation across parts of Europe and...

Microsoft corrected a potentially catastrophic identity flaw in Entra ID that could have allowed cross‑tenant impersonation of any user — including Global Administrators — by abusing undocumented internal tokens and a validation gap in a legacy API; the publicly tracked identifier for this issue...

Microsoft’s cloud and gaming ecosystems were shaken on Thursday, October 9, 2025, as a widespread outage left thousands of Microsoft 365, Teams, Azure, Microsoft Store, Xbox and Minecraft users unable to authenticate, log in, or reach admin portals — with a particularly high volume of reports...

Grand Traverse County is preparing a cautious entry into generative AI: commissioners are being asked to approve a near‑$400,000 renewal of the county’s Microsoft 365 subscription that includes a proposal to add 100 Microsoft 365 Copilot licenses as a controlled pilot, accompanied by an...

When a Dutch researcher glanced at a token stream while preparing a Black Hat talk, he didn’t just find a bug—he found a fault line in the foundations of cloud identity that could have allowed a single click to flip virtually every Microsoft Entra (Azure AD) tenant from secure to owned. The...

A newly disclosed flaw in Microsoft Entra ID — tracked as CVE-2025-55241 — exposed a fragile seam in cloud identity where undocumented internal tokens and a legacy API’s weak validation combined to create a near‑universal tenant takeover vector; Microsoft has patched the defect, but the incident...

Security researcher Dirk‑jan Mollema’s discovery of two linked vulnerabilities in Microsoft’s Entra ID architecture exposed a failure mode that, by design, could have allowed an attacker with limited on‑premises access to gain near‑complete control over hybrid Microsoft environments — a chain...

Windows Insiders on the Beta Channel received a small but meaningful preview build today: Windows 11 Insider Preview Build 26120.6690 (KB5065786), delivered to devices running Windows 11, version 24H2 as a Beta Channel enablement package and focused largely on controlled feature rollouts, bug...

Microsoft’s decision to let organizations stream single Windows applications from the cloud — instead of entire Cloud PC sessions — marks a pragmatic pivot in how enterprises will adopt Windows 365 for day-to-day workforces and frontline roles. The new Windows 365 Cloud Apps feature, now in...

Azure has made a decisive push to lower the operational friction of Kubernetes with the general availability of Azure Kubernetes Service (AKS) Automatic — an opinionated, fully managed mode of AKS that ships production-ready clusters with preselected networking, security, scaling, and...

BlinkOps’ announced integration with Microsoft Sentinel brings a new class of agentic security automation into the Azure ecosystem — available today through the Azure Marketplace and supported by prebuilt content in the Sentinel Content Hub — and that combination has immediate operational...

On October 14, 2025, support for Exchange Server 2016 and Exchange Server 2019 ends — one month from now — and organizations that delay face escalating operational risk, loss of security updates, and an increasingly narrow set of safe upgrade paths. Microsoft’s Exchange engineering team has...

Microsoft’s new Access Review Agent for Entra ID promises to turn one of the most tedious and error-prone identity-governance chores into a guided, AI-assisted workflow inside Microsoft Teams — but the convenience comes with clear prerequisites, operational trade-offs, and governance...

Microsoft and the European Commission have reached a binding settlement that will reshape how Microsoft 365, Office 365, and Microsoft Teams are sold and integrated across Europe — and, in practice, globally — by enforcing unbundling, minimum price deltas, expanded interoperability APIs, and...

Microsoft is taking the first concrete step in its phased enforcement of the dedicated Exchange hybrid app requirement: on September 16, 2025 at 07:00 UTC Microsoft will temporarily block Exchange Web Services (EWS) traffic that uses the Exchange Online shared service principal for hybrid...

Microsoft’s message at the Goldman Sachs Communicopia + Technology Conference was unambiguous: the company sees Copilot — and the broader Copilot/Foundry/agent stack — as the hinge that will turn today’s productivity applications into the operating system for the AI era, but the path from...

Hitachi Solutions Europe’s Proof of Concept (PoC) that let Microsoft applications — including Power Platform, Dynamics 365 and Microsoft Copilot — operate on live, sensitive case data stored in Amazon Web Services (AWS) without copying or moving that data represents a practical leap for secure...