CodeQL Security
The latest CodeQL Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
Huntress Demo: Standard M365 User Hits Global Admin in 5 Minutes 30 Seconds—No Exploit Needed
Huntress reveals that a standard Microsoft 365 user was escalated to Global Administrator in just 5.5 minutes during a live demo, using only permissive identity configurations—no zero-day exploit required. The demonstration highlights the critical need for continuous identity posture management and immediate hardening actions in Entra ID tenants.
Windows 10 After October 2025: How Extended Security Updates Keep Your PC Safe Through 2027
Windows 10 reaches end of support on October 14, 2025, but Microsoft’s Extended Security Updates (ESU) program offers critical security patches through 2028. Consumers must purchase annual coverage via the Microsoft Store, with enrollment required by mid-2026 to stay current. The program excludes Windows 10 Home and does not include new features or support, so hardening the OS with additional measures is essential.
Paid Windows 10 Security Updates Push Users Toward Linux
With Windows 10 support ending in October 2025, Microsoft's first-ever $30 consumer Extended Security Updates and Windows 11's TPM 2.0 requirement are driving a growing number of users to consider Linux as a free and secure alternative. Improved desktop distributions, Proton game compatibility, and a rising backlash against forced hardware upgrades are accelerating the shift.
Microsoft Authenticator’s Root Detection Only Blocks Work and School Accounts, Not Personal Microsoft Logins
Microsoft has confirmed that the new jailbreak and root detection in its Authenticator app applies exclusively to Microsoft Entra work and school accounts, not personal Microsoft or third-party accounts. The move enhances enterprise security by blocking compromised devices from accessing corporate resources while leaving consumer access unchanged.
Windows 10 Gets a Reprieve: How Microsoft’s Consumer ESU Pushes Security Patches to 2027
Microsoft’s consumer Extended Security Updates program now lets Windows 10 users receive critical security patches until October 12, 2027, for an annual fee. This gives holdouts a temporary safety net, but upgrading to Windows 11 or a new PC remains the long-term solution.
CalendarBridge Extends Secure Sync to Microsoft 365 GCC High Environments
CalendarBridge announced on June 30, 2026, that its platform now supports Microsoft 365 GCC High environments with a busy-only sync feature, allowing government contractors and agencies to securely synchronize calendars without exposing sensitive event details. This solves a long-standing compliance challenge for organizations handling Controlled Unclassified Information (CUI) under ITAR and other regulations.
Extra Year of Reboot-Free Patching: Microsoft Extends Windows Server 2022 Hotpatch to 2027
Microsoft has extended hotpatch update support for Windows Server 2022 Datacenter: Azure Edition through October 2027, one year beyond mainstream support. The extension gives Azure-based organizations more time to plan migration to Windows Server 2025 while continuing to receive reboot-free security updates with only quarterly reboots. IT teams should audit their Azure Arc-connected VMs and adjust migration timelines accordingly.
Microsoft Extends Hotpatch Support for Windows Server 2022 Azure Edition Through October 2027
Microsoft has added a year of hotpatch support to Windows Server 2022 Datacenter: Azure Edition, now ending in October 2027. The move gives Azure VM administrators more time to enjoy rebootless security updates, reducing downtime and operational costs. This extension aligns hotpatch support more closely with the OS's mainstream support lifecycle.
Windows 11 24H2 Support Dies October 13, 2026 — Upgrade Now to Avoid Zero-Day Attacks
Microsoft has confirmed that Windows 11 24H2 Home and Pro will stop receiving security updates on October 13, 2026. Users must upgrade to version 25H2 or later to remain protected. The upgrade process is straightforward and can be done via Windows Update, Installation Assistant, or media creation tools.
Microsoft Extends No-Reboot Hotpatch Support for Windows Server 2022 Azure Edition to October 2027
Microsoft has extended hotpatch support for Windows Server 2022 Datacenter: Azure Edition to October 30, 2027, a one-year postponement from the previous deadline. The change lets Azure and Azure Local VMs continue receiving monthly security updates that install without a reboot, preserving the near-zero downtime patching model that reduces reboots by 75%. The extension, while quiet, reinforces Microsoft's commitment to reboot-reduction technologies and gives enterprises extra time before needing to migrate.
Google Play System June 2026 Update Lands on Samsung Phones Without Changelog: A Transparency Gap Windows Users Should Note
Samsung's Galaxy S25 and other recent devices have begun receiving the June 1, 2026 Google Play System update alongside Google Play Services 26.24.34, but no official changelog is available, frustrating users who demand transparency comparable to Windows' detailed update documentation. The update appears to modify critical modules like media codecs, network stack, and security providers, directly impacting the Phone Link integration between Samsung phones and Windows PCs. Early reports show no major issues, but the lack of disclosure complicates enterprise compliance and troubleshooting for millions of connected users.
DRS Softech Launches Office 365 Migration Tool with OAuth 2.0 for Secure Tenant Moves
DRS Softech has launched a new Office 365 Migration Tool that supports tenant-to-tenant mailbox, email, contacts, calendar, shared mailbox, and OneDrive moves with OAuth 2.0 security. The tool features bulk and incremental migration capabilities, targeting MSPs and large organizations. While the announcement promises a unified solution, real-world testing will determine its effectiveness against established competitors.
Microsoft to Block Rooted and Jailbroken Devices from Entra Work Accounts via Authenticator by Mid-2026
Microsoft Authenticator is rolling out jailbreak and root detection for Entra work and school accounts, starting with warnings now and moving to full blocks by mid-2026. The change enforces device integrity for all MFA users, raising the security baseline without requiring MDM enrollment, though administrators can configure exemptions via Conditional Access.