Microsoft’s September Patch Tuesday lands for Windows 10 with a mix of stability fixes, enterprise controls and a new organizational backup capability — but the rollout is as much about operational discipline as it is about fresh features. The September 2025 cumulative updates bring build bumps...
enterprise it
epa
esu
extended security updates
intune
it security
kerberos hardening
os hardening
patch tuesday
pki
pkinit
rds
september 2025
smb auditing
smb signing
vdi
windows 10
windows 10 22h2
windows 365
windows backup for organizations
Microsoft has published advisory guidance tied to CVE‑2025‑55234 that focuses less on a new exploitable bug and more on enabling administrators to find and measure exposure to SMB relay‑style elevation‑of‑privilege attacks before they flip stronger hardening controls. The short form: the SMB...
Microsoft released the September 9, 2025 cumulative update for Windows 11, version 24H2 — KB5065426 (OS Build 26100.6584) — a combined security and quality rollup that both closes recent high‑priority vulnerabilities and addresses a string of functional regressions introduced earlier in the...
In a timely release that strikes at the heart of critical infrastructure security, the Cybersecurity and Infrastructure Security Agency (CISA) and the Environmental Protection Agency (EPA) unveiled a joint fact sheet detailing the significant cybersecurity risks posed by Internet-exposed Human...
In a bold move to fortify Windows environments, Microsoft has officially ramped up its defenses against NTLM relay attacks, a method that exploits the weaknesses of the long-reigning NTLM (NT LAN Manager) authentication protocol. As we venture into a new era for Windows security, it’s essential...
Original release date: October 14, 2021
Summary
Immediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity
• Do not click on Link Removed.
• If you use RDP, secure and monitor it.
• Use Link Removed.
• Use Link Removed.
Note: This advisory uses the MITRE...
Original release date: February 11, 2021
Summary
On February 5, 2021, unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment plant. The unidentified actors used the SCADA system’s software to...