organizations

Winsage
July 12, 2026
Microsoft will discontinue support for several products in 2026, including: 1. Windows 11 24H2 (Home and Pro) - End of servicing on October 13, 2026. 2. Office 2021 and Office LTSC 2021 - End of support on October 13, 2026. 3. Windows Server 2012 and 2012 R2 - Final ESU year ending on October 13, 2026. 4. SQL Server 2016 - Extended end of support on July 14, 2026. 5. SharePoint Server 2016 and 2019, Project Server 2016 and 2019 - Support ends on July 14, 2026. 6. Microsoft Publisher - Retired after October 2026. 7. Exchange Server 2016 and 2019, Skype for Business Server - Final ESU cutoff on October 31, 2026. 8. Windows 11 Enterprise and Education 23H2, .NET 8, .NET 9, PowerShell 7.4 - End of servicing on November 10, 2026. 9. Windows 10 2016 LTSB and IoT Enterprise LTSB 2016 - Extended support ends on October 13, 2026. 10. Windows 11 SE - Support ends on October 1, 2026. 11. Dynamics CRM 2016 and older versions - Lost support earlier in January 2026. 12. Microsoft Configuration Manager, version 2409 - End of support on June 6, 2026. 13. Visual Studio 2022 LTSC channels, versions 17.10 and 17.12 - End of support in January and July 2026, respectively. 14. InfoPath 2013, SharePoint Designer 2013 - End of support on July 14, 2026. 15. Azure service retirements - Occurring in late 2026. Organizations are advised to review their software landscape and plan for transitions to avoid disruptions.
Winsage
July 11, 2026
Microsoft is advocating for a reevaluation of Windows patch management practices due to the rapid evolution of artificial intelligence (AI) impacting cybersecurity. The company emphasizes that traditional timelines for patch deployment, typically spanning several weeks after the monthly Patch Tuesday, are inadequate against modern cyber threats. Microsoft recommends organizations shorten deployment windows to under three days for quality updates, with immediate installation deadlines and minimal user grace periods. To support these changes, Microsoft is enhancing Windows Autopatch with a new reporting dashboard for patch compliance and security insights. The company is promoting cloud-managed deployment through Microsoft Intune and Windows Autopatch while continuing to support legacy tools. Additionally, Microsoft is introducing Windows Hotpatch technology, allowing security updates to be installed without immediate reboots, and advocating for the use of identity-based access controls to isolate unpatched devices. The guidance reflects a shift from scheduled patching to continuous risk management, encouraging organizations to prioritize high-risk assets and automate update deployments. Microsoft is also investing in AI-assisted vulnerability discovery and automated code analysis to improve defensive capabilities. The overarching message is that enterprises must adapt their update strategies to address the accelerated pace of AI-driven exploitation.
Winsage
July 10, 2026
Microsoft advises organizations to expedite their Windows update deployment timelines due to advancements in artificial intelligence that allow cyber attackers to quickly exploit vulnerabilities after security updates are released. Jeremy Chapman, Director of Microsoft 365, warns that delaying critical quality updates with security fixes increases the risk of exploitation. Microsoft recommends a quality update deferral period of fewer than three days, update deadlines of zero or one day, and a grace period of no more than two days. The Windows Autopatch report within Microsoft Intune helps identify unpatched devices, allowing administrators to adjust update deferral policies. Organizations can configure update delivery settings through policy controls in Windows Autopatch and Microsoft Intune, as well as other management tools like Microsoft Configuration Manager and Windows Server Update Services. Microsoft also promotes the use of Hotpatch for quicker installation of security updates without rebooting and encourages Conditional Access policies to restrict access to corporate resources for devices that lack required updates.
Winsage
July 10, 2026
Microsoft provides various types of Windows updates, including Patch Tuesday updates, which occur on the second Tuesday of each month. An example is the KB5094126 update for Windows 11, released on June 9, which includes both security and non-security content. IT administrators can use tools like Autopatch, Intune, and WSUS to deploy these updates. Hotpatching allows security updates to be applied without restarting devices. Optional non-security preview updates are released in the fourth week of each month for testing purposes and can be accessed by users on non-IT-managed devices. Out-of-band (OOB) updates can be issued at any time to address significant issues or vulnerabilities. Microsoft also enhances Windows 11 through annual updates, monthly updates, and Microsoft Store offerings, utilizing Controlled Feature Rollout (CFR) for feature deployment. Users are encouraged to keep their systems updated and can join the Windows Insider Program for early access to new features.
Tech Optimizer
July 10, 2026
Cybercriminals are exploiting the VLC media player to install ValleyRAT, a remote access trojan, by embedding malware in a seemingly harmless file linked in phishing emails. The attack starts with an email that prompts the victim to download a ZIP archive containing a fake VLC executable and a malicious DLL named libvlc.dll. This method uses DLL sideloading to execute the malware under the guise of a legitimate application. Once executed, the malware establishes persistence by creating a registry entry and connects to a remote server to retrieve the final payload. ValleyRAT employs evasion tactics to avoid detection, including assessing system characteristics before executing harmful actions and using a fileless approach to deliver the payload directly into memory. Researchers have identified indicators of compromise, including specific SHA1 hashes and URLs associated with the malicious campaign.
Winsage
July 10, 2026
The intersection of artificial intelligence and cybercrime poses significant challenges for organizations, as cybercriminals can quickly exploit vulnerabilities. Microsoft suggests that traditional patching methods are inadequate, urging organizations to adopt a more agile approach to patch management with rapid update deployment. They recommend reducing the time between the release of security updates and their deployment to less than three days, with deadlines for updates set to zero or one day and a maximum grace period of two days. Additionally, Microsoft advocates for a phased deployment strategy, testing updates on select devices before wider rollout, and utilizing features like Hotpatch and Conditional Access policies to enhance security and expedite update processes.
Winsage
July 10, 2026
Microsoft has unveiled a destructive Windows backdoor named GigaWiper, which allows operators remote control over compromised systems to execute irreversible damage. GigaWiper originated from cyberattacks in October 2025 and is a composite of code from at least three malware families. It maintains its presence through a scheduled task disguised as “OneDrive Update,” executing at startup and every minute. GigaWiper can obliterate partition information, overwrite physical drives, and restart systems. It also mimics ransomware by encrypting files with the .candy extension, using randomly generated keys that are not stored, making recovery impossible. The malware has connections to the Crucio ransomware and resembles FlockWiper, with rewritten code in Go. GigaWiper features 20 command codes for various functions, including executing PowerShell instructions, managing processes, capturing screenshots, and remote access similar to VNC. It can remain on a system for surveillance until its destructive functions are activated. Microsoft Defender includes detection capabilities for GigaWiper, and users are advised to enable tamper protection and monitor for suspicious activities.
Search