Identity Security
The latest Identity Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
Xbox UK Age Checks: Microsoft Demands ID or Face Scan to Save Social Features
Microsoft has begun rolling out mandatory age verification for UK-based Xbox accounts, warning that players who fail to prove they are 18 or older will lose access to core social features after a...
Storm-0501 Abuses Entra Connect Sync to Launch Cloud-Based Ransomware, Microsoft Reveals
Storm-0501, a financially motivated threat actor, has pulled off a brazen hybrid attack that began with a compromised on-premises Active Directory, pivoted through Entra Connect Sync to seize Global...
Zoom's $733M Enterprise Revenue Masks Looming AI Challenge: A Windows IT Pro's Roadmap
Zoom's latest quarter revealed $1.22 billion in total revenue, with enterprise revenue climbing 7% year-over-year to roughly $733 million—now 60% of the company's top line. But beneath the surface,...
Edge Canary Flags Reveal Microsoft's Plan to Sync Passkeys Across Devices via Microsoft Account
Microsoft has begun testing a significant upgrade to Edge that would allow the browser to sync passkeys across devices, signaling a major step toward a passwordless future. The latest Canary builds...
Defender’s Limits Exposed: A Practical Guide to Windows 11 Security Layers
When a Windows 11 machine becomes infected with a stubborn Trojan, users often turn to Microsoft Defender – and just as often, they find it can’t finish the job. This real-world frustration,...
CISA Emergency Directive Targets Exchange Hybrid Flaw in August Patch Tuesday Deluge
The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive late Tuesday, ordering federal agencies to secure on-premises Exchange servers within hours after a newly...
Patch for Windows Netlogon DoS Vulnerability Triggers NAS and Samba Issues, Secure Boot Deadlines Loom
Windows Server administrators juggling urgent patches and looming firmware deadlines just got a stark reminder that security hardening can break third-party integrations. Microsoft’s July 8, 2025...
Unboxing Windows Security: When to Ditch Defender and Go Pro with Antivirus Suites
Microsoft Defender now ships as a fully capable antivirus engine, baked into every new Windows 11 and Windows 10 laptop. But the moment you connect that fresh device to the internet, the question...
CISA Mandates Immediate Disconnect of EOL Exchange Servers After Black Hat Exploit Demo for CVE-2025-53786
A critical Microsoft Exchange Server vulnerability now carries a binding directive from the U.S. Cybersecurity and Infrastructure Security Agency, following a live demonstration of the exploit at the...
Windows Hello Biometric Bypass: Researchers Swap Faces to Hijack PCs—Here’s How ESS Stops It
Two German researchers standing on the Black Hat stage just demonstrated how an attacker with local admin rights can swap their own facial biometrics into a stolen laptop’s Windows Hello...
Barracuda Entra ID Backup Premium Shields 13 Identity Components Against Microsoft’s 30-Day Recovery Limit
Barracuda Networks has officially released Entra ID Backup Premium, a cloud-native backup service designed to protect 13 critical Microsoft Entra ID components and extend recovery far beyond the...
CISA Emergency Directive Targets CVE-2025-53786: Hybrid Exchange Flaw Demands Immediate Action
The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 25-02 on August 7, 2025, compelling federal agencies to immediately patch a high-severity Microsoft Exchange...