Azure Archives

Winsage

May 15, 2026

For May, Patch Tuesday means 139 updates

Microsoft has released an extensive update for Azure Linux 3.0 and CBL Mariner 2.0, addressing 191 open-source Common Vulnerabilities and Exposures (CVEs) across various technologies, including the Linux kernel, Go runtime, Apache httpd, PHP, CoreDNS, Valkey, Ruby, GnuTLS, Apache Thrift, Node.js, Rust, Java implementations, Vim, Postfix, Expat, Nmap, Prometheus, KEDA, and PgBouncer. Additionally, Microsoft has fixed a critical vulnerability (CVE-2026-41103) in its Single Sign-On (SSO) Plugin for Jira and Confluence, which allows an attacker to forge a Microsoft Entra ID identity through a manipulated SAML response; however, patching this vulnerability is the responsibility of the users of Atlassian's platforms.

Winsage

May 15, 2026

Productivity nerds, Windows 11 Pro is $9.97 through May 18

Microsoft Windows 11 Pro is currently available for .97 (regularly priced at 9) until May 18. Key features include Snap Layouts for multitasking, Virtual Desktops for organization, enhanced security with TPM 2.0 and BitLocker, a built-in AI assistant called Copilot, and professional-grade features like Hyper-V virtualization and Azure AD support.

Tech Optimizer

May 15, 2026

From commit to cloud: Powering what’s next for PostgreSQL

PostgreSQL is widely used across various industries, supported by Microsoft through significant investments, including 345 commits to the latest release and a dedicated team of contributors. It is recognized for its ability to handle complex production challenges, such as transactional integrity and concurrency management. Microsoft operates PostgreSQL globally, informing upstream contributions based on real-world deployment experiences. The database is increasingly integrated into AI applications, with Azure Database for PostgreSQL and Azure HorizonDB focusing on AI functionalities. Microsoft offers multiple deployment models to accommodate different workload needs, including Azure Database for PostgreSQL for open-source workloads and Azure HorizonDB for cloud-native systems. Recent contributions from Microsoft include enhancements in asynchronous I/O, vacuum behavior, and query planning. Azure HorizonDB is designed for high-throughput, low-latency systems requiring horizontal scaling. Microsoft also invests in developer tools, such as a Visual Studio Code extension for PostgreSQL, and sponsors PostgreSQL conferences and user groups globally.

Winsage

May 14, 2026

Microsoft pits more than 100 AI agents against each other to find Windows vulnerabilities

Microsoft has introduced MDASH (Multi-Model Agentic Scanning Harness), a security solution that uses over 100 specialized AI agents to identify software vulnerabilities. On May 12, 2026, MDASH identified 16 new vulnerabilities (CVEs) in the Windows networking and authentication stack, four of which were critical, including remote code execution vulnerabilities in tcpip.sys, ikeext.dll, netlogon.dll, and dnsapi.dll. Ten of these vulnerabilities can be accessed over the network without authentication. MDASH operates through a four-stage pipeline: analyzing source code, scrutinizing for suspicious elements, debating the exploitability of issues, and attempting to exploit vulnerabilities. The system is model-agnostic and allows integration of new models and domain-specific knowledge. MDASH scored 88.45 percent on the CyberGym benchmark, ranking first among competitors, although the comparison may not be entirely fair as it contrasts a comprehensive framework with individual models. The models used to achieve this score are not specified. MDASH is supported by Microsoft's Autonomous Code Security Team and is currently in a limited private preview for select customers.

Winsage

May 13, 2026

Windows 11 security update fixes critical Bing and Azure flaws

Microsoft released its May 2026 Patch Tuesday updates for Windows 11, addressing 97 security vulnerabilities across various components, including Windows, Microsoft Office, Azure services, SQL Server, SharePoint, Hyper-V, and .NET. The updates are encapsulated in KB5089549 for Windows 11 versions 24H2 and 25H2, elevating systems to builds 26100.8457 and 26200.8457. Notable vulnerabilities include CVE-2026-32169, a critical flaw in Azure Cloud Shell with a CVSS score of 10.0, and CVE-2026-21536, a critical remote code execution vulnerability in the Microsoft Devices Pricing Program with a CVSS score of 9.8. Other critical vulnerabilities include CVE-2026-32191 and CVE-2026-32194, impacting Microsoft Bing Images, both with CVSS scores of 9.8. The update also addresses multiple Windows privilege escalation vulnerabilities and remote code execution vulnerabilities in Microsoft Office and Excel. Microsoft has warned of upcoming Secure Boot certificate expirations starting in June 2026 and has improved boot reliability related to BitLocker recovery issues. Users can install the updates via Settings → Windows Update, with a system restart required.

Winsage

May 13, 2026

Microsoft Patch Tuesday for May 2026 — Snort rules and prominent vulnerabilities

Microsoft's May 2026 security update addresses 137 vulnerabilities, with 31 classified as critical. None of these critical vulnerabilities are currently being exploited in active attacks. Sixteen of the critical vulnerabilities involve remote code execution (RCE) issues in Microsoft products, including Microsoft Office, Microsoft Word, and Azure. Specific vulnerabilities include: - CVE-2026-32161: A use-after-free vulnerability in the Windows Native WiFi Miniport Driver. - CVE-2026-40358: A use-after-free vulnerability in Microsoft Office. - CVE-2026-41089: A stack-based buffer overflow in Windows Netlogon. Additional important vulnerabilities flagged include: - CVE-2026-33835: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. - CVE-2026-33837: Windows TCP/IP Local Elevation of Privilege Vulnerability. - CVE-2026-35416: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Talos is releasing a new Snort ruleset to detect attempts to exploit these vulnerabilities, and users are advised to update their Cisco Security Firewalls and acquire the latest rule pack via Snort.org.

Winsage

May 10, 2026

Windows 11 is now just $10

Windows 11 features a modern interface, enhanced security with TPM 2.0, and includes DirectX 12 Ultimate for improved gaming performance. It offers productivity tools like snap layouts and virtual desktops, and supports remote work with Azure AD and Hyper-V. Microsoft ended support for Windows 10 and earlier versions in October, making Windows 11 essential for updates and performance enhancements. A limited-time offer allows users to purchase a lifetime license for Windows 11 Pro for .97, down from 9, until May 18 at 11:59 p.m. PT.

Winsage

May 8, 2026

Microsoft CTO confesses that 30-year-old code from the mid-90s still forms the bedrock of Windows 11 — ancient Win32 API still the backbone, but CTO says it’s ‘more relevant than ever in 2026’

Mark Russinovich, the Chief Technical Officer of Microsoft Azure, revealed that Windows 11 relies on a significant amount of legacy code from the 1990s, particularly the Win32 framework. He acknowledged the challenges posed by this legacy software while noting its continued relevance as we approach 2026. Russinovich reflected on past attempts to update the Windows API, such as WinRT, which did not meet expectations. He also highlighted that Win32 has been crucial in developing tools like Sysmon and ZoomIt, created in 1996, which remain relevant in the context of Windows 11 and PowerToys.

Tech Optimizer

May 8, 2026

CrowdStrike Falcon: What US Businesses Need to Know Right Now About the Security Platform

CrowdStrike Falcon is a cloud-native endpoint protection platform (EPP) and extended detection and response (XDR) solution used by many U.S. organizations to combat modern cyber threats such as ransomware and supply chain attacks. It utilizes behavioral analysis, machine learning, and real-time telemetry instead of traditional signature-based detection methods. Falcon features a lightweight agent that operates on various endpoints, collecting telemetry data for analysis. Key modules include Falcon Prevent for blocking malware, Falcon Insight for monitoring endpoint activity, and Falcon OverWatch for managed detection and response services. The platform also offers identity protection and cloud workload security, integrating telemetry from various environments for a comprehensive threat view. Falcon is particularly beneficial for medium to large-sized organizations with dedicated security teams and complex IT infrastructures. However, it may not be suitable for smaller businesses due to its licensing model and operational complexity. Its strengths include rapid deployment, scalability, and advanced detection capabilities, while its limitations involve reliance on proper configuration and cloud connectivity. Competitors include Microsoft Defender for Endpoint and SentinelOne. Organizations considering Falcon should evaluate their security needs, existing infrastructure, and budget, as well as the total cost of ownership.

Winsage

May 7, 2026

Upgrade to Windows 11 and get Office 2024 for under $100

You can purchase a bundle that includes Microsoft Office 2024 Home & Business for PC or Mac and Windows 11 Pro for .97, down from .99. The offer is available until May 17 at 11:59 p.m. PT. Windows 11 Pro features faster application performance, multitasking capabilities, and advanced security measures. Office 2024 includes essential tools like Word, Excel, PowerPoint, Outlook, and OneNote, with significant performance upgrades and a user-friendly design.