Microsoft renames E5 Mini Suites in tenant

All #ITadmins, especially those responsible for #ActiveDirectory, will want to be aware of this critical OOB fix that Microsoft just released. This is the 2nd fix for a #WSUS Remote Code Execution Vulnerability, as the first one didn’t sufficiently fix the issue. Rated: #critical https://lnkd.in/enrJdt23

Step 1: Get WSUS off the unwashed internet. Now. Stop reading this and go! When you're done, come back to read the rest of this post. Step 2: Patch WSUS. VERY soon. Like today. Step 3: Replace WSUS. Soon. Start evaluating alternatives Monday. My suggestion for small-to-medium businesses without a large number of legacy machines, a highly heteroegenous environment, or very particular requirements: Windows Update for Business. Like WSUS, it's free (with a valid Wndows license), but unlike WSUS, it's easy to setup and maintain!

E5 bundles are powerful. But they’re also the most expensive Microsoft SKU. Here’s the mistake I see often:➡️ Jumping to M365 E5 just to access one or two features. Instead, you might be better off with: • E3 + Microsoft Defender Suite • E3 + Microsoft Purview Suite • Just the specific add-on SKU you need such as Microsoft 365 E5 Information Protection and Governance If you’re still using third-party security or compliance tools, it rarely makes sense to go full E5 until you're ready to switch. Let’s build your licensing around how you actually work, not just what Microsoft promotes.

Managing your own Microsoft email tenant, licensing, and properly configuring security can be a challenge. The GDS Professional and GDS Secure Plus plans include everything from remote desktop monitoring to Microsoft 365 licenses, backups, and compliance-aligned protection, all with predictable pricing. Read more about this in our latest blog on Managed Desktop Services. https://bit.ly/46DKYXU https://bit.ly/4np8oYv | 888-435-7986 #TechROI #CostSavings #GDSProfessional #GDSSecurePlus #GetGDS

Several Microsoft products (listed below) have reached the end of support or retirement as of today. Starting tomorrow, these products will no longer receive security updates, non-security updates, bug fixes, or technical support.

Microsoft's latest Windows 11 updates, KB5066835 and KB5066793, address critical security vulnerabilities, preventing potential exploitation. Failure to apply these updates exposes systems to remote code execution and data compromise. Organizations must immediately apply the latest Windows 11 updates to mitigate the risk of exploitation and protect against potential data breaches. ⚠️ #ai #cybersecurity https://lnkd.in/g78qbHJ3

As of 14 October 2025, Microsoft has officially ended free updates and technical support for Windows 10. For Australian enterprises, particularly in finance, healthcare, education, and government, this technical change can pose a strategic risk intersecting cybersecurity, compliance, and governance. Running unsupported systems may breach Privacy Act 1988 obligations, Essential Eight maturity requirements, and APRA CPS 234 standards. Our new guide explains what “End of Support” means, how Microsoft's Extended Security Updates (ESU) work, and why upgrading to Windows 11 or adopting Windows 365 Cloud PC may be the safest path forward. What you’ll learn: ✅ Compliance implications for AU organisations ✅ Cost and risk analysis for ESU, upgrades, or cloud options ✅ Step-by-step migration plan aligned with Essential Eight ✅ Environmental & sustainability considerations Read the full article: 👉https://lnkd.in/g9d7hnEc #KonvergeAustralia #Windows10 #freeguide

Microsoft’s latest CVE (2025-59287) exposes a critical flaw in WSUS and it’s being actively exploited. 🔒 On-prem update infrastructure is no longer safe ☁️ Cloud-based Intune is the future 📈 Secure, policy-driven updates with full audit trails If you’re still relying on WSUS, it’s time to rethink. We help organisations migrate to Intune with **hardened, stakeholder-ready update strategies**. 📧 contactus@kumonix.com 🔗 www.Kumonix.com #WSUS #IntuneMigration #SecurityConsulting #PatchManagement

🚨 New pre‑auth RCE in WSUS (CVE‑2025‑59287). Microsoft just dropped an out‑of‑band patch. If WSUS is your patching backbone, this one demands immediate action. A flaw in WSUS allows unauthenticated, low‑complexity remote code execution - and a public PoC is already out. This can be wormable between WSUS servers. Why it matters • It targets the system that ships your updates - compromise here can turn “patching” into “payload delivery.” • CVSS 9.8 / Exploitation More Likely per Microsoft’s index. • Microsoft pushed an OOB fix on Oct 24, 2025, underscoring urgency. Who’s affected Windows Server 2012 to 2025 with the WSUS role enabled (it’s not on by default). If the role is enabled without the fix, you’re exposed. Do this now 1. Patch immediately (see KBs below). Reboot required. 2. Can’t patch yet? Temporarily disable the WSUS role or block inbound 8530/8531 at the host firewall to cut the attack path. 3. Restrict access to WSUS to only managed clients; monitor for unusual calls to the WSUS GetCookie endpoint and anomalous WSUS traffic. 4. Plan forward: WSUS is deprecated; start your migration path (e.g., Intune/MEM) if you haven’t already. KBs for quick rollout • Server 2025 - KB5070881 • Server 23H2 - KB5070879 • Server 2022 - KB5070884 • Server 2019 - KB5070883 • Server 2016 - KB5070882 • Server 2012 R2 - KB5070886 • Server 2012 - KB5070887 Microsoft link for details https://lnkd.in/eyY4PjSC Are you still running WSUS, or moving to Intune? What’s your mitigation plan this weekend? Follow for fast, plain‑English breakdowns of high‑impact CVEs and practical fixes. #CVE202559287 #CVE #WSUS #WindowsServer #InfoSec #SecOps #PatchManagement #BlueTeam #RCE #Microsoft

The recent Microsoft 365 outage provides a powerful case study in modern cloud architecture and security. The root cause wasn't a direct application failure, but a latent code defect in an Azure Active Directory (AAD) backend update. This crippled a critical authentication service, causing a cascading failure that locked users out of Teams and Outlook. This incident perfectly illustrates why traditional network security models are obsolete. A classic firewall, focused only on IPs and ports, would have been blind to this internal service dependency. The lesson is clear: Identity is the new perimeter. The failure occurred in the core identity fabric that Zero-Trust principles are built upon. Modern, application-aware firewalls and a Zero-Trust posture ("never trust, always verify") are essential, but this event shows they depend on the absolute resilience of that underlying identity layer. For security professionals, this reinforces that our strategies must extend beyond our own controls. We must vet the architectural integrity of the platforms we build upon, understanding that in the cloud, a single point of failure can have a massive blast radius. #Microsoft365 #Outage #ZeroTrust #CloudSecurity #CyberSecurity #IdentityManagement #Azure #Firewall https://lnkd.in/gREstAUd