Live
Microsoft sunsets preview VM data delivery to Event Hubs and Storage on July 31, 2026 — here's your migration plan·MSFT +0.1%Only 35% of workers always asked before AI meeting transcription — what Teams admins must do immediately·NVDA +3.0%Microsoft pulls free Outlook meeting-prep feature, puts it behind Copilot paywall·GOOGL +1.2%Power Platform 2026 Wave 2: How to Use Your Region’s Delay to Save Your Automations·AMZN +2.9%Microsoft Ends SQL Server 2016 Support: Your Options from ESUs to SQL Server 2025 Migration·MSFT +0.1%A New Clipboard Tool Sits on Your Screen Edge—Here’s Why You Should Vet It First·NVDA +3.0%Only 5% of Travelers Can Spot AI-Generated Destination Fakes, Survey Shows — Here's How to Beat the Odds·GOOGL +1.2%Microsoft Sets July 2026 Deadline for Manifest 1.25 in New Teams Store Submissions·AMZN +2.9%Microsoft sunsets preview VM data delivery to Event Hubs and Storage on July 31, 2026 — here's your migration plan·MSFT +0.1%Only 35% of workers always asked before AI meeting transcription — what Teams admins must do immediately·NVDA +3.0%Microsoft pulls free Outlook meeting-prep feature, puts it behind Copilot paywall·GOOGL +1.2%Power Platform 2026 Wave 2: How to Use Your Region’s Delay to Save Your Automations·AMZN +2.9%Microsoft Ends SQL Server 2016 Support: Your Options from ESUs to SQL Server 2025 Migration·MSFT +0.1%A New Clipboard Tool Sits on Your Screen Edge—Here’s Why You Should Vet It First·NVDA +3.0%Only 5% of Travelers Can Spot AI-Generated Destination Fakes, Survey Shows — Here's How to Beat the Odds·GOOGL +1.2%Microsoft Sets July 2026 Deadline for Manifest 1.25 in New Teams Store Submissions·AMZN +2.9%

Tdi Security

The latest Tdi Security coverage — news, analysis, and updates from the WindowsNews.AI desk.

13 stories in view AI assisted desk updated 8:12 AM
Latest Most Read Breaking
Sort
SQL Server 2016 · End Of Support

Microsoft Ends SQL Server 2016 Support: Your Options from ESUs to SQL Server 2025 Migration

Microsoft’s SQL Server 2016 exits extended support on July 14, 2026, ending regular security patches. Organizations can pay for up to three years of Extended Security Updates, but the real work lies in discovering every instance, assessing risk, and planning a migration to SQL Server 2025, Azure, or another modern platform before the 2029 hard deadline.

Security

Microsoft’s July 2026 Security Update Could Break Your VPN or Antivirus Software

Microsoft’s July 14, 2026 security update introduces a permanent hardening change that blocks unregistered third-party TDI providers, potentially breaking VPN, antivirus, and legacy business applications. Home users should test their software after updating; IT admins must use segmented deployment and work with vendors to resolve confirmed failures. Unsupported registry tweaks and fleet-wide uninstalls are discouraged, as the change is intentional and improves system security.

Security Desk·2h ago ·5 min
Security

Microsoft Sets September 30, 2026 as Hard Deadline for Non-AZ Azure VPN Gateways

Microsoft has set September 30, 2026 as the final retirement date for Azure VPN Gateway VpnGw1–5 SKUs. After that date, non-migrated gateways will no longer accept configuration changes, making manual migration the preferred path for most production workloads. Administrators should inventory their gateways, understand the public IP SKU implications, and plan controlled migrations to avoid management lockouts.

Security Desk·3h ago ·5 min
Security

OneDrive Now Flags Outlook Attachments as ‘From the Internet,’ Breaking Macros by Default

Microsoft’s OneDrive version 26.002.0105.0001 now applies a Windows security marker to files saved from Outlook attachments, causing macros, scripts, and active content to be blocked by default. The change, first released to the Production Ring in January 2026 and later to Deferred Rings, breaks many email-based business workflows. We explain the impact on regular users, power users, and IT admins, and outline a path to secure, sustainable file distribution without disabling essential protections.

Security Desk·4h ago ·5 min
Advertisement
Boss Scam · Windows Malware

Your Boss’s Urgent WhatsApp Message Could Be a Windows Malware Scam

SEBI's 'Boss Scam' advisory warns of a two-pronged attack using deepfake impersonation and Windows malware that hijacks WhatsApp Web sessions to trick employees into transferring funds. The article breaks down how the scam works, why Windows users face heightened risk, and the immediate technical and procedural steps admins and finance teams must take to protect their organizations.

SE Security Desk·6h ago
Sharepoint Security · Microsoft Patch Tuesday

Microsoft’s July Update: SharePoint Under Active Attack, CISA Deadline Looms

Microsoft’s July 2026 Patch Tuesday released 622 CVEs, but three actively exploited vulnerabilities demand immediate attention. CVE-2026-56164 in SharePoint has a CISA deadline of July 17, while a separate SharePoint RCE (CVE-2026-58644) and an AD FS flaw also require urgent patching. A delivery hold for some Dell Windows 11 devices complicates rollout, and Kerberos hardening enters final enforcement. IT teams must prioritize internet-facing SharePoint and AD FS servers, verify past patches, and wait for Dell’s fix before updating affected systems.

SE Security Desk·8h ago ·1 views
Cybersecurity · Windows 10

Windows 10 Endpoints Now Average 1,903 Security Holes Each, Lansweeper Finds

New telemetry from Lansweeper reveals that Windows 10 PCs carry an average of 1,903 active CVEs, nearly three times the count of Windows 11 machines, nine months after mainstream support ended. The data shows that hardware incompatibility isn't the main obstacle—only 2.8% of holdouts can't run Windows 11—pointing instead to application dependencies and deferred migration in industries like healthcare. With patches accumulating for Windows 11, organizations must act to inventory, segment, and upgrade legacy systems before the next deadline.

SE Security Desk·9h ago
Google Chrome · Chrome 150

Google Chrome 150 Update Fixes High-Severity Cast Vulnerability — What Windows Users Need to Know

Google has released Chrome 150.0.7871.128, patching a high-severity use-after-free vulnerability in the Cast component (CVE-2026-15902) alongside three critical and three high-severity flaws. Windows users and IT administrators should update immediately. The National Vulnerability Database currently shows no entry due to a timing lag, but Google's bulletin and CERT-FR confirm the fix, making it essential to check version numbers directly rather than relying on scanners.

SE Security Desk·10h ago ·1 views
Browser Updates · Cve 2026 15905

Chrome 150 Patches High-Severity Aura Flaw Before NVD Can Catch Up

Google released Chrome 150.0.7871.128/.129 on July 16, 2026, fixing a high-severity use-after-free in the Aura UI framework (CVE-2026-15905), but the National Vulnerability Database page still shows 'CVE ID Not Found'. The update includes six other security fixes. Users and administrators should update Chrome immediately and not wait for the NVD entry to appear.

SE Security Desk·10h ago
CVE-2026-15901 · Chromium Security

CVE-2026-15901 Shows Up on NVD — But It’s Not a Real Chromium Flaw Yet

CVE-2026-15901 appears on the NVD as a Chromium use-after-free flaw, but the page contains no record, severity, or fix. The identifier is still in a RESERVED state and no vendor has issued an advisory. Windows users and admins should treat it as a watchlist item rather than an actionable vulnerability.

SE Security Desk·10h ago ·1 views
Chrome Security · Cve 2026 15899

CVE-2026-15899: Why Chrome’s Latest Security Fix Is Invisible to the NVD — and How to Respond

Google released a Chrome update fixing CVE-2026-15899, a use-after-free bug in CameraCapture, on July 16, 2026. Despite a national advisory from France, the U.S. National Vulnerability Database still shows no record, leaving many automated security tools blind. This article explains why the gap exists and provides practical steps for Windows users and administrators to ensure they’re protected.

SE Security Desk·10h ago
CVE-2026-15903 · Chromium

That Alarming New Chromium CVE Is Real, But the Details Are Still a Mystery

A reserved Chromium vulnerability with an alarming 'out of bounds read/write in V8' title has appeared in CVE feeds, but no product details, severity rating, or patch exist. For Windows users and admins, the key is to continue routine browser updates, avoid emergency actions, and monitor official channels until Google or Microsoft publish an advisory.

SE Security Desk·10h ago ·1 views
Chrome Security · Cve Tracking

Chromium CVE-2026-15904: Why It’s Missing from the NVD and What to Do About It

CVE-2026-15904 is a reported use-after-free vulnerability in Chromium’s Ozone component, but the NVD record is absent due to a likely RESERVED status. No fix, severity, or affected versions are confirmed from Google. Windows users and admins should continue routine Chrome updates, track the CVE internally, and avoid creating compliance thresholds until an official vendor advisory appears.

SE Security Desk·10h ago