entra id

Grand Traverse County is preparing a cautious entry into generative AI: commissioners are being asked to approve a near‑$400,000 renewal of the county’s Microsoft 365 subscription that includes a proposal to add 100 Microsoft 365 Copilot licenses as a controlled pilot, accompanied by an...

When a Dutch researcher glanced at a token stream while preparing a Black Hat talk, he didn’t just find a bug—he found a fault line in the foundations of cloud identity that could have allowed a single click to flip virtually every Microsoft Entra (Azure AD) tenant from secure to owned. The...

A newly disclosed flaw in Microsoft Entra ID — tracked as CVE-2025-55241 — exposed a fragile seam in cloud identity where undocumented internal tokens and a legacy API’s weak validation combined to create a near‑universal tenant takeover vector; Microsoft has patched the defect, but the incident...

Security researcher Dirk‑jan Mollema’s discovery of two linked vulnerabilities in Microsoft’s Entra ID architecture exposed a failure mode that, by design, could have allowed an attacker with limited on‑premises access to gain near‑complete control over hybrid Microsoft environments — a chain...

Windows Insiders on the Beta Channel received a small but meaningful preview build today: Windows 11 Insider Preview Build 26120.6690 (KB5065786), delivered to devices running Windows 11, version 24H2 as a Beta Channel enablement package and focused largely on controlled feature rollouts, bug...

Microsoft’s decision to let organizations stream single Windows applications from the cloud — instead of entire Cloud PC sessions — marks a pragmatic pivot in how enterprises will adopt Windows 365 for day-to-day workforces and frontline roles. The new Windows 365 Cloud Apps feature, now in...

Azure has made a decisive push to lower the operational friction of Kubernetes with the general availability of Azure Kubernetes Service (AKS) Automatic — an opinionated, fully managed mode of AKS that ships production-ready clusters with preselected networking, security, scaling, and...

BlinkOps’ announced integration with Microsoft Sentinel brings a new class of agentic security automation into the Azure ecosystem — available today through the Azure Marketplace and supported by prebuilt content in the Sentinel Content Hub — and that combination has immediate operational...

On October 14, 2025, support for Exchange Server 2016 and Exchange Server 2019 ends — one month from now — and organizations that delay face escalating operational risk, loss of security updates, and an increasingly narrow set of safe upgrade paths. Microsoft’s Exchange engineering team has...

Microsoft’s new Access Review Agent for Entra ID promises to turn one of the most tedious and error-prone identity-governance chores into a guided, AI-assisted workflow inside Microsoft Teams — but the convenience comes with clear prerequisites, operational trade-offs, and governance...

Microsoft and the European Commission have reached a binding settlement that will reshape how Microsoft 365, Office 365, and Microsoft Teams are sold and integrated across Europe — and, in practice, globally — by enforcing unbundling, minimum price deltas, expanded interoperability APIs, and...

Microsoft is taking the first concrete step in its phased enforcement of the dedicated Exchange hybrid app requirement: on September 16, 2025 at 07:00 UTC Microsoft will temporarily block Exchange Web Services (EWS) traffic that uses the Exchange Online shared service principal for hybrid...

Microsoft’s message at the Goldman Sachs Communicopia + Technology Conference was unambiguous: the company sees Copilot — and the broader Copilot/Foundry/agent stack — as the hinge that will turn today’s productivity applications into the operating system for the AI era, but the path from...

Hitachi Solutions Europe’s Proof of Concept (PoC) that let Microsoft applications — including Power Platform, Dynamics 365 and Microsoft Copilot — operate on live, sensitive case data stored in Amazon Web Services (AWS) without copying or moving that data represents a practical leap for secure...

Microsoft’s Exchange team published a short but important Hotfix Update (HU) rollup for September 2025 that is aimed at fixing a non‑security issue in earlier updates and, crucially, preserves support for the dedicated Exchange hybrid application workflow introduced earlier in 2025 — the update...

Microsoft's new OneGov arrangement with the General Services Administration (GSA) hands federal agencies a fast lane into the AI era: Microsoft 365 Copilot will be offered at no cost for an initial period to qualifying government customers, while steep, government‑wide discounts across Azure...

Microsoft’s new OneGov agreement with the General Services Administration promises to make Microsoft 365 Copilot effectively free for qualifying federal customers while folding deep discounts across Azure, Microsoft 365, Dynamics 365 and security tooling into a government‑wide purchasing vehicle...

A publicly exposed appsettings.json file that contained Azure Active Directory application credentials has created a direct, programmatic attack path into affected tenants — a misconfiguration that can let attackers exchange leaked ClientId/ClientSecret pairs for OAuth 2.0 access tokens and then...

Microsoft Active Directory remains the single most critical identity service in most enterprises—and in 2025 the vendor landscape for Active Directory backup and forest recovery has crystallised around a small set of purpose‑built products that go well beyond system‑state snapshots. The...

Windows Insiders in the Dev Channel are receiving a substantial cumulative flight: Windows 11 Insider Preview Build 26220.5770 (KB5064093), a Dev-only increment that continues Microsoft’s staged push of Copilot‑centric productivity features, expanded Microsoft 365 integration, and accessibility...