Cybersecurity Integrity
The latest Cybersecurity Integrity coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft Intune Extends Security Policies to Unenrolled Defender for Endpoint Devices
Microsoft Intune can now enforce endpoint security policies on devices that are onboarded to Defender for Endpoint but not enrolled in Intune, simplifying security for servers, BYOD, and contractor PCs. The change eliminates the need for full MDM enrollment for antivirus, firewall, and attack surface reduction settings. IT admins can assign policies directly from the Intune admin center and should verify licensing and clean up conflicting Group Policy objects.
Microsoft Slips Windows 10 Another Year: Consumer Security Patches Now Until Late 2027
Microsoft has quietly extended the consumer Windows 10 Extended Security Updates (ESU) program through October 12, 2027—one year beyond the original cutoff. The move gives households and small businesses extra time to patch aging hardware before migrating, but it also raises questions about the company's long-term upgrade strategy.
Microsoft Partners Lumen21, L&L, and TechWise Merge Into National IT Powerhouse
Lumen21, L&L Consulting Services, and TechWise Group merged on July 7, 2026, creating a national Microsoft partner that aims to deliver end-to-end IT services for SMB and mid-market businesses. The combined firm brings together cloud migration, cybersecurity, Dynamics 365 ERP, and managed services under one roof, and clients should review their support agreements and explore how the expanded capabilities can simplify their technology stacks.
Windows 10 Home Users Get Security Updates Until October 2027: What the Silent ESU Extension Means for You
Microsoft has extended the Consumer ESU program for Windows 10 until October 12, 2027, giving enrolled users an extra year of security patches. The quiet update means home users can safely delay upgrading for two years total, though they should still plan for eventual migration to a modern OS.
How Windows 11 Passkeys Replace Passwords: Setup, Security, and What It Means for You
Windows 11 now fully supports passkeys via Windows Hello, letting users replace passwords with biometrics or PIN for phishing‑resistant sign‑ins. The feature, widely documented in January 2024, is built into Settings and syncs across Windows devices. Users can create and manage passkeys on supported sites, while admins gain group policies for enterprise control.
Fake Microsoft Teams 'Admin' Calls Deliver EtherRAT Malware in New Phishing Wave
A new social engineering campaign reported on July 6, 2026, uses fake Microsoft Teams calls from an external 'system administrator' to trick users into installing the EtherRAT remote access trojan. The attack starts with a phishing email, leverages live Teams calls for persuasion, and deploys legitimate remote access tools to maintain persistence. Both home users and IT administrators need to restrict external Teams access and heighten awareness to prevent compromise.
Microsoft Office 2026 Macro Alert Overhaul: Yellow Allows, Red Blocks – Here’s How It Works
Microsoft plans a 2026 overhaul of Office macro alerts, introducing yellow "Enable Content" bars for unblocked internet files and red bars for high-risk macros. The update also includes streamlined Mark of the Web removal tools, reducing clicks for trusted documents while maintaining strong malware defenses.
Go SSH Library Vulnerability CVE-2026-39827 Allows Attackers to Crash Windows Servers with Simple Memory Leak
Microsoft has disclosed CVE-2026-39827, a denial-of-service flaw in the Go SSH library that allows an authenticated attacker to crash Windows-based services via a memory leak. While the built-in Windows OpenSSH server is unaffected, many Go-powered tools that embed the library are vulnerable, requiring immediate vendor updates and proactive network hardening.
A Humanoid Robot Threw Kung Fu Kicks at Workers—Now IT Must Rethink Safety
A viral video from July 6, 2026 shows a humanoid robot performing kung fu kicks at workers, prompting an emergency stop. The incident exposes critical gaps in software, networking, and safety governance for IT teams managing robotics. This analysis offers concrete steps to prevent similar malfunctions.
User-Reported Scams Land Directly in Teams Admin Center’s Protection Reports
Microsoft has added user-reported security signals to Teams admin center’s Protection reports under Roadmap 536571. The feature allows IT teams to see when employees flag suspicious Teams messages as phishing or spam, enabling faster threat hunting and incident response. It requires Defender for Office 365 Plan 2 or equivalent licensing and is now generally available for commercial tenants.
Microsoft Ships Long-Awaited S/MIME Certificate Storage in New Outlook for Windows Contacts
Microsoft launched S/MIME certificate storage in the new Outlook for Windows contacts on July 6, 2026, closing a major feature gap for government and enterprise users. The update lets desktop users associate encryption certificates directly with contacts, enabling seamless encrypted email without workarounds. IT admins can now deploy the new Outlook with full S/MIME compliance in regulated environments.
Microsoft Targets May 2026 for LDAP-Based S/MIME Certificate Lookup in New Outlook for Windows
Microsoft has scheduled the long-awaited LDAP-based S/MIME certificate lookup feature for the new Outlook for Windows to reach general availability in May 2026. The update will allow corporate users to automatically retrieve encryption certificates from on-premises directory servers, closing a critical feature gap that has kept many enterprises on the classic Outlook client. IT admins should plan their migration strategies around this timeline, ensuring that S/MIME-dependent employees remain on classic Outlook until the feature is fully rolled out and tested.
Microsoft Teams Flooded with Fake IT Calls Spreading EtherRAT — Here’s What Admins Must Do Now
A wave of social engineering attacks on Microsoft Teams sees threat actors impersonating IT support to trick users into installing the EtherRAT remote access trojan. Security experts recommend administrators restrict high‑risk external chat and calling rather than cutting off all external communication, while training users to verify any unsolicited support requests through separate channels.