Vue normale

Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
Hier — 11 juillet 20264sysops

Windows settings backup becomes enabled by default in Windows 11 26H2

Par : IT News
11 juillet 2026 à 18:00
Windows settings backup becomes enabled by default in Windows 11 26H2
Microsoft is shifting the default behavior for Windows settings backup and restore from disabled to enabled starting with Windows 11 version 26H2. This change applies to Microsoft Entra-joined and hybrid-joined enterprise devices, automatically backing up user settings and Microsoft Store app lists to Exchange Online storage. The transition aims to simplify PC refresh cycles and device migrations by ensuring a baseline of resilience is active without manual intervention.

Source

Windows 11 Cross Device Service bug causes massive RAM and storage consumption

Par : IT News
11 juillet 2026 à 11:09
Windows 11 Cross Device Service bug causes massive RAM and storage consumption
Windows 11 users are reporting a significant memory leak tied to the Cross Device Service, a background component used by the Phone Link application. This service facilitates features like notification syncing and clipboard sharing but can erroneously consume between 15GB and 30GB of RAM. The issue appears to develop gradually over time, eventually degrading system performance and forcing users to manually terminate the process via Task Manager.

Source

Microsoft clarifies Windows monthly servicing and enterprise channel unification

Par : IT News
10 juillet 2026 à 22:07
Microsoft clarifies Windows monthly servicing and enterprise channel unification
Microsoft has detailed its modern Windows servicing model, which centers on cumulative monthly security updates released on the second Tuesday of each month. These "Patch Tuesday" rollouts bundle all previous security and non-security fixes to simplify deployment and reduce version fragmentation across client and server endpoints. Administrators can also utilize optional non-security preview updates released late in the month to validate upcoming features and fixes before they are integrated into the next mandatory rollup.

Source

À partir d’avant-hier4sysops

Managing CodexSandboxUser accounts and profile errors in Windows 11

Par : IT News
10 juillet 2026 à 16:07
Managing CodexSandboxUser accounts and profile errors in Windows 11
OpenAI Codex creates local security principals such as CodexSandboxUser, CodexSandboxOffline, and CodexSandboxOnline to execute AI-generated commands in an isolated environment. This architecture prevents potentially unsafe code from accessing the primary user's files or system settings by running tasks with limited privileges. These accounts are legitimate security features and should remain on the system as long as the Codex Desktop tool or related CLI utilities are in use.

Source

Leaked web‑native Copilot OS and 4,800 Microsoft layoffs

Par : IT News
10 juillet 2026 à 12:56
Leaked web‑native Copilot OS and 4,800 Microsoft layoffs
Microsoft is internally testing an experimental, web-native operating system prototype known as Project Aion. This "Copilot OS" replaces the traditional Windows desktop environment and Start menu with an interface built entirely inside the Microsoft Edge browser. The platform-agnostic design focuses on agentic AI and task-based organization rather than local software execution.

Source

Microsoft Defender patch for RoguePlanet zero-day may exhaust disk space

Par : IT News
10 juillet 2026 à 12:44
Microsoft Defender patch for RoguePlanet zero-day may exhaust disk space
Microsoft recently released an emergency update for the Malware Protection Engine to address a critical zero-day vulnerability known as RoguePlanet. Tracked as CVE-2026-50656, the original flaw allows remote attackers to gain SYSTEM privileges on Windows 10 and 11 devices through a race condition. While the update successfully mitigates the privilege escalation risk, it reportedly introduces a secondary issue that can be exploited to cause a denial-of-service state.

Source

Microsoft pauses Secure Boot certificate updates due to firmware compatibility issues

Par : IT News
10 juillet 2026 à 12:17
Microsoft pauses Secure Boot certificate updates due to firmware compatibility issues
Microsoft has confirmed that Secure Boot certificate updates are failing or being blocked on a subset of Windows 11 PCs. This issue stems from specific firmware configurations where applying the new 2023 certificates could trigger boot failures or BitLocker recovery screens. As a precaution, the rollout has been paused for affected devices while Microsoft works with hardware manufacturers to develop necessary firmware patches.

Source

Rising vulnerability volume forces shift from CVE tracking to rapid patching

Par : IT News
10 juillet 2026 à 12:17
Rising vulnerability volume forces shift from CVE tracking to rapid patching
The massive influx of new vulnerabilities is overwhelming traditional security workflows, with Microsoft alone reporting over 200 CVEs in a single month. This surge is largely attributed to AI-driven vulnerability discovery, which has significantly accelerated the pace at which flaws are identified and exploited. Consequently, many organizations are moving away from granular CVE tracking in favor of immediate, automated deployment of all vendor-provided patches.

Source

Microsoft launches Windows 365 for Agents to secure AI workloads

Par : IT News
9 juillet 2026 à 20:13
Microsoft launches Windows 365 for Agents to secure AI workloads
Microsoft has introduced Windows 365 for Agents, a specialized Cloud PC service designed to provide a managed and isolated execution environment for AI agents. These dedicated virtual machines allow organizations to apply the same security and compliance frameworks to automated workloads that they currently use for human employees. By moving agents away from unmanaged local or shared infrastructure, the service aims to eliminate risks like privilege escalation and lateral movement.

Source

GigaWiper backdoor merges multiple malware families for disk destruction

Par : IT News
9 juillet 2026 à 19:42
GigaWiper backdoor merges multiple malware families for disk destruction
Microsoft Threat Intelligence has identified GigaWiper, a sophisticated Golang-based backdoor that integrates components from three distinct malware families. This modular implant combines command-and-control capabilities with destructive payloads, including physical disk wiping and fake ransomware routines. By consolidating tools like Crucio and FlockWiper, threat actors can switch between stealthy espionage and immediate system sabotage within a single deployment.

Source

Microsoft shifts to AI-driven security patching to counter rising threat volume

Par : IT News
9 juillet 2026 à 19:42
Microsoft shifts to AI-driven security patching to counter rising threat volume
Microsoft is significantly increasing the volume of its monthly security updates by integrating artificial intelligence into its discovery and validation processes. This shift follows the June 2026 Patch Tuesday release, which addressed over 200 vulnerabilities across Windows, Azure, and Office. The company is utilizing a multi-model agentic scanning harness to identify potential flaws earlier in the development lifecycle.

Source

Microsoft brings native Linux container support to Windows 10 via WSL

Par : IT News
9 juillet 2026 à 15:33
Microsoft brings native Linux container support to Windows 10 via WSL
Microsoft has confirmed that its new WSL Containers (WSLc) feature is compatible with Windows 10, back-porting a capability originally expected to be exclusive to Windows 11. This tool allows developers and system administrators to create, run, and manage Linux containers directly through the command line using the wslc.exe binary. By leveraging the existing Windows Subsystem for Linux (WSL) infrastructure, the feature eliminates the requirement for third-party container runtimes like Docker Desktop or Podman.

Source

GodDamn ransomware uses Microsoft-signed PoisonX driver to kill security tools

Par : IT News
9 juillet 2026 à 15:33
GodDamn ransomware uses Microsoft-signed PoisonX driver to kill security tools
The GodDamn ransomware, a rebrand of the Beast and Monster strains, has emerged using a sophisticated defense evasion technique to neutralize endpoint protection. The threat group, known as Hyadina, gains initial access through remote desktop tools like AnyDesk and deploys a credential-harvesting toolkit based on NirSoft utilities. This toolkit targets a wide range of sensitive data, including browser history, Windows Credential Manager entries, Wi-Fi profiles, and live network traffic.

Source

Microsoft patches RoguePlanet zero-day vulnerability in Defender engine

Par : IT News
9 juillet 2026 à 11:51
Microsoft patches RoguePlanet zero-day vulnerability in Defender engine
Microsoft has released a critical update for the Microsoft Malware Protection Engine to address a zero-day vulnerability known as RoguePlanet. Tracked as CVE-2026-50656, the flaw resides in the core scanning engine that powers Microsoft Defender across Windows 10, Windows 11, and Windows Server. The fix is delivered through engine version 1.1.26060.3008, which corrects flawed file-handling logic during malware remediation processes.

Source

Windows 11 Cloud rebuild: recovering unbootable PCs from WinRE

Par : IT Experts
8 juillet 2026 à 21:53
Cloud rebuild data loss warning screen (image Microsoft)
Microsoft is testing a new recovery feature called Cloud rebuild that reinstalls Windows 11 from the cloud even when the operating system cannot start. Currently available in Insider Preview Build 26300.8772, Cloud rebuild downloads both the Windows image and device drivers from Windows Update, eliminating the need for USB media or a custom image. This article explains how Cloud rebuild works, what prerequisites it requires, and how you can initiate it from the Windows Recovery Environment (WinRE).

Source

Microsoft warns AI-driven exploits require faster Windows update cycles

Par : IT News
8 juillet 2026 à 21:09
Microsoft warns AI-driven exploits require faster Windows update cycles
Microsoft is urging organizations to accelerate their patching schedules due to the rise of AI-driven threat discovery. Attackers are increasingly using artificial intelligence to analyze software and develop working exploits much faster than in previous years. This shift significantly shrinks the safe window between a vulnerability disclosure and active exploitation, making traditional deployment delays dangerous.

Source

Windows 11 bug causes permission log to consume hundreds of gigabytes of storage

Par : IT News
8 juillet 2026 à 12:26
Windows 11 bug causes permission log to consume hundreds of gigabytes of storage
Microsoft has confirmed a defect in the Windows 11 Capability Access Manager (camsvc) that causes a specific log file to expand indefinitely. The file, named CapabilityAccessManager.db-wal, acts as a write-ahead log for a database that tracks when applications request access to sensitive resources like cameras and microphones. While this file typically occupies only a few megabytes, the bug prevents it from being compacted, leading to storage consumption exceeding 500 GB on some systems.

Source

Windows telemetry and anti-piracy identifiers aid in ransomware investigation

Par : IT News
8 juillet 2026 à 12:14
Windows telemetry and anti-piracy identifiers aid in ransomware investigation
The U.S. Department of Justice recently utilized Microsoft Windows telemetry to track and arrest a suspected member of the Scattered Spider ransomware group. Investigators linked the suspect to criminal activity by leveraging the Global Device Identifier (GDID), a persistent ID designed to uniquely identify a Windows installation. This identifier allows Microsoft to track specific devices across various services and scenarios, including virtual machines and physical hardware.

Source

Microsoft modernizes legacy Windows 11 dialogs to remove Windows 8 era references

Par : IT News
8 juillet 2026 à 12:14
Microsoft modernizes legacy Windows 11 dialogs to remove Windows 8 era references
Microsoft is updating a legacy local account recovery key dialog in Windows 11 that still references the Windows 8 Search charm. This specific prompt appears when users transition from a Microsoft account to a local account on devices utilizing BitLocker or device encryption. The outdated text instructs users to utilize a feature that was officially retired nearly a decade ago with the release of Windows 10.

Source

❌
❌