💥 Microsoft: March Windows updates break Teams, OneDrive sign-ins

｢ The list of affected applications also includes Microsoft Edge, Excel, Word, and Microsoft 365 Copilot, which will display the same error message for features that require a Microsoft account sign-in ｣
https://www.bleepingcomputer.com/news/microsoft/kb5079473-march-windows-11-update-breaks-microsoft-account-sign-ins/

#ms #PatchTuesday #vibecoding

Microsoft Patch Tuesday March 2026: 80+ vulnerabilities fixed. Dozens of vendors patch security flaws alongside Microsoft. Monthly patch cycle continues to be critical enterprise maintenance. 🛠️🔒

#PatchTuesday #infosec #Microsoft

Source: https://thehackernews.com/2026/03/dozens-of-vendors-patch-security-flaws.html

#Microsoft March 2026 #PatchTuesday fixes 2 zero-days, 79 flaws

https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2026-patch-tuesday-fixes-2-zero-days-79-flaws/

#cybersecurity #Windows

Hello cyber pros! It's been a week of critical reminders about cloud security, diligent patching, and the evolving nature of warfare. Let's dive into the latest:

Salesforce Cloud Misconfigurations Under Attack ⚠️
- Threat actors are actively exploiting "overly permissive" guest user configurations in Salesforce Experience Cloud to steal sensitive data.
- This isn't a Salesforce platform vulnerability, but rather a customer misconfiguration. Attackers are using modified Aura Inspector tools to scan and extract data from public-facing sites.
- Actionable advice: audit guest user profiles, set company-wide defaults to "private", disable public APIs, restrict visibility, disable self-registration if not needed, and regularly review event monitoring logs.

👁️ Dark Reading | https://www.darkreading.com/application-security/overly-permissive-salesforce-cloud-configs-crosshairs

Microsoft's March Patch Tuesday 🛡️
- Microsoft released patches for 83 CVEs this month, with six identified as "more likely to exploit" and eight critical severity.
- A notable critical RCE (CVE-2027-21536, CVSS 9.8) in the Microsoft Devices Pricing Program was already patched and mitigated, uniquely identified by an AI agent.
- Two publicly known (zero-day) flaws, CVE-2026-26127 (.NET DoS) and CVE-2026-21262 (SQL Server EoP), are considered low threat despite public disclosure.
- Key EoP vulnerabilities include three in the Windows kernel (CVE-2026-24289, CVE-2026-26132, CVE-2026-24287) and others in SMB Server (CVE-2026-24294) and Microsoft Graphics Component (CVE-2026-23668), all with higher exploit likelihood.
- Two RCEs in Microsoft Office (CVE-2026-26113, CVE-2026-26110, CVSS 8.4) can be exploited via the Preview Pane without opening malicious files. Mitigate by disabling Preview Pane and restricting untrusted Office files.

👁️ Dark Reading | https://www.darkreading.com/application-security/microsoft-patches-83-cves-march-update

Cloud Resilience in Modern Warfare ☁️
- Recent Middle East conflicts saw physical attacks, including drone strikes, on AWS facilities in the UAE and Bahrain, causing significant structural damage and service disruptions.
- This highlights a critical shift: hyper-scale cloud data centres are now "Tier 1 strategic targets" in modern warfare, as militaries and governments increasingly rely on cloud infrastructure.
- Traditional cloud resilience strategies, designed for natural disasters, are insufficient against kinetic attacks that can permanently destroy hardware or sever physical connectivity.
- Organisations must rethink disaster recovery and data governance, especially for real-time, low-latency workloads. The concept of "Allied Data Sovereignty" may emerge, advocating for data backups in allied nations to ensure survival during crises.

👁️ Dark Reading | https://www.darkreading.com/cyber-risk/middle-east-conflict-highlights-cloud-resilience-gaps

#CyberSecurity #ThreatIntelligence #CloudSecurity #Salesforce #Misconfiguration #PatchTuesday #Microsoft #Vulnerabilities #RCE #EoP #CyberWarfare #CloudResilience #InfoSec

🖥️ Mises à jour Windows : comprendre les numéros KB et le Patch Tuesday

👉 https://www.justgeek.fr/mises-a-jour-windows-patch-tuesday-kb-147957/

#WindowsUpdate #MàJ #PatchTuesday #Windows11 #Microsoft