Get a free, read-only audit tool to scan your Active Directory for password vulnerabilities and receive an easy-to-understand interactive report - your first step to stronger password security!
Start my free audit

Source

Microsoft has introduced several updates to Windows management and deployment tools, including the automatic inclusion of Windows Autopatch for Government Community Cloud customers. Hotpatching is now enabled by default for organizations using Autopatch via Intune or the Graph API, provided devices are not already governed by specific quality update policies. Additionally, Enterprise State Roaming management is transitioning from the Entra portal to Microsoft Intune, with the migration expected to conclude by late June.

Source

A critical stack-based buffer overflow vulnerability in the Windows Netlogon service is currently being exploited in active cyberattacks. Identified as CVE-2026-41089, this flaw allows unauthenticated attackers to execute arbitrary code with SYSTEM-level privileges on targeted domain controllers. The exploit is particularly dangerous because it requires zero user interaction and can be triggered by sending a specially crafted network request.

Source

Microsoft announced on May 8, 2026, that it will retire direct certificate-based authentication (CBA) for Exchange ActiveSync (EAS) by the end of 2026. If your organization uses certificates to authenticate mobile devices against Exchange Online, you must migrate to a new method before the deadline, or your users' mobile email will stop working. This article explains what the change means, who is affected, and what steps you need to take.

Source

In hybrid Exchange environments, organizations have long been forced to keep an on-premises Exchange Server running just to manage Exchange-related settings for mailboxes already hosted in Exchange Online. Microsoft has been addressing this with the Cloud-Managed Remote Mailboxes feature, and its latest addition — writeback — entered public preview on May 15, 2026. Writeback automatically pushes Exchange attribute changes made in Exchange Online back to your on-premises Active Directory, so internal line-of-business applications that read from AD stay in sync. This article explains what writeback does, what you need to configure it, and how it supports decommissioning your last on-premises Exchange Server.

Source

Microsoft Identity Manager (MIM) 2016 Service Pack 3 (SP3) became generally available on May 14, 2026, after an initial release in late March 2026 that Microsoft quietly withdrew without public explanation. SP3 is primarily a platform compatibility update: it adds support for SQL Server 2022, SharePoint Subscription Edition (SE), and Exchange Server SE. The most technically significant additions are Azure SQL Database support for the Synchronization Service using managed identities and claims-based authentication via Active Directory Federation Services (AD FS) for the MIM Portal. MIM 2016 remains supported until January 9, 2029.

Source