https://hackingpassion.com/tags/microsoft/Recent content in Microsoft on HackingPassion.com : root@HackingPassion.com-[~]HugoenThu, 11 Jun 2026 12:08:30 +0200https://hackingpassion.com/miasma-worm-ai-coding-agents/Thu, 11 Jun 2026 12:08:30 +0200https://hackingpassion.com/miasma-worm-ai-coding-agents/<p>GitHub disabled <strong>73 of Microsoft&rsquo;s own repositories in 105 seconds</strong>, after a worm called <strong>Miasma</strong> planted a credential stealer inside Microsoft&rsquo;s Azure code on GitHub.</p> <p>The part that makes this different is how it ran. A developer did not need to build the project or install a package. <strong>Opening one of those repositories in an AI editor, VS Code, Claude Code, Cursor, or Gemini, was enough to set it off.</strong> 😱</p>https://hackingpassion.com/redsun-undefend-defender-zero-days/Sun, 19 Apr 2026 10:57:14 +0200https://hackingpassion.com/redsun-undefend-defender-zero-days/<p>Two unpatched Windows Defender zero-days have been actively exploited since <strong>April 16th</strong>, and both of them work on fully patched <strong>Windows 10</strong>, <strong>Windows 11</strong>, and <strong>Server 2019</strong> and later, including machines that installed this month&rsquo;s Patch Tuesday updates. One of them makes Defender write the attacker&rsquo;s payload into <strong>System32</strong> by itself, then stands back and lets Windows run it as <strong>SYSTEM</strong>. The other blocks Defender from receiving any new virus definitions and lies to the EDR management console about it, showing green checkmarks on machines that are already fully compromised. 😏</p>https://hackingpassion.com/ntlm-finally-disabled/Wed, 04 Feb 2026 11:31:37 +0100https://hackingpassion.com/ntlm-finally-disabled/<p>32 years. That is how long it took Microsoft to disable NTLM, the protocol that handles Windows login authentication. A broken system linked to $10 billion in damages and some of the worst cyberattacks ever recorded. Hackers have been exploiting it since 2001. Here is the story of why it took this long.</p> <p>On January 30, 2026, Microsoft announced they will finally disable NTLM by default in future Windows releases.</p>https://hackingpassion.com/windows-one-update-ten-problems/Wed, 28 Jan 2026 14:10:10 +0100https://hackingpassion.com/windows-one-update-ten-problems/<p>Microsoft pushed one security update. It broke at least 10 different things. 114 security fixes. Two emergency patches. PCs that won&rsquo;t boot. Outlook that crashes. Remote Desktop that fails. Shutdown buttons that do nothing. And Microsoft is still investigating why some systems show a black screen and never start again. 🧐</p> <p><strong>A Windows and Microsoft story that keeps getting worse.</strong></p> <p>This was one of the largest Patch Tuesday releases in history. 114 vulnerabilities fixed, 8 rated Critical, 106 Important. The breakdown: 57 privilege escalation flaws, 22 remote code execution bugs, and 22 information disclosure vulnerabilities. Three zero-days in total, one actively exploited in the wild and two publicly known before Microsoft could patch them. In 2025 alone, Microsoft patched 1,130 CVEs across the year, 12% more than 2024.</p>