Microsoft Teams 'couldn't connect' error affects desktop and web apps

A critical elevation of privilege (EoP) vulnerability in Azure Entra ID (formerly Azure Active Directory) could have allowed unauthorized access to virtually any Entra ID tenant. The flaw, tracked as CVE-2025-55241, stems from an authentication failure in the Azure AD Graph API, enabling the creation of impersonation tokens for cross-tenant access. The vulnerability was discovered in July 2025 and addressed over the summer, with no evidence of exploitation in the wild. The flaw highlights significant security gaps in Azure's authentication stack, particularly around undocumented 'Actor' tokens used for backend service-to-service communications. These tokens lack essential security controls, such as revocation capabilities, conditional access policies, and visibility, making them highly dangerous. The Azure AD Graph API, despite being scheduled for deprecation, is still used by many Microsoft applications, underscoring the broader implications of this vulnerability. The flaw was reported to Microsoft on July 14, 2025, and the company confirmed that the problem was resolved nine days later. The vulnerability has been assigned the maximum CVSS score of 10.0. It allowed impersonation of any user, including Global Administrators, across any tenant. The flaw could bypass multi-factor authentication (MFA), Conditional Access, and logging, leaving no trace. The flaw was addressed by Microsoft as of July 17, 2025, requiring no customer action. The Azure AD Graph API has been officially deprecated and retired as of August 31, 2025.

Microsoft has lifted multiple compatibility holds that previously prevented Windows 11 24H2 upgrades on devices with specific hardware and software configurations. The latest hold removed was for devices with integrated cameras due to a face detection bug causing app freezes. This bug was fixed, and the update block was lifted on September 22, 2025. Additionally, a safeguard hold for devices with Dirac audio software was removed on September 11, 2025, allowing eligible devices to upgrade to Windows 11 24H2. The issues affected systems with Dirac audio improvement software, leading to problems with audio device detection and integrated speakers. The incompatibility was traced to the cridspapo.dll component of the audio processing software. Affected users reported that Bluetooth headsets, speakers, and integrated speakers stopped functioning after the upgrade. A new driver addressing the issue is available via Windows Update.

Microsoft's August 2025 Patch Tuesday addressed 111 vulnerabilities, including 44 elevation-of-privilege (EoP) flaws and 35 remote code execution (RCE) vulnerabilities. The update also fixed 18 information disclosure flaws, 8 spoofing defects, and 4 denial-of-service issues. Critical issues included EoP bugs in Windows Hyper-V, Microsoft SQL Server, and Azure OpenAI, as well as RCE vulnerabilities in SharePoint and Windows Graphics Component. The update included a fix for CVE-2025-53779, a publicly known Windows Kerberos EoP flaw dubbed BadSuccessor, disclosed in May 2025. The update did not include any actively exploited bugs, marking the second consecutive month without such vulnerabilities. Security experts recommended immediate patching for high-severity issues, especially those in core system components and widely used services like SharePoint and SQL Server. However, the August 2025 security updates caused failures in reset and recovery operations on Windows 10 and older versions of Windows 11. Microsoft released emergency out-of-band updates on August 19, 2025, to resolve this issue. The emergency updates are available as optional updates via Windows Update and Windows Update for Business, or can be downloaded and installed manually from the Microsoft Update Catalog. Additionally, the August 2025 security updates caused severe lag and stuttering issues with NDI streaming software on some Windows 10 and Windows 11 systems. The issues affected applications such as OBS (Open Broadcast Software) and NDI Tools, especially when 'Display Capture' was enabled on the source PC. A temporary workaround involved changing the NDI Receive Mode to use TCP or UDP instead of RUDP. Microsoft resolved a known issue causing Windows upgrades to fail with 0x8007007F errors on some Windows 11 and Windows Server systems. The affected upgrade paths included Windows 10 1809, 21H2, and 22H2 to Windows 11 versions 23H2 and 22H2, and Windows Server 2016 to Windows Server 2019 or 2022, and Windows Server 2019 to Windows Server 2022. The issue was resolved as of August 15, 2025, and users were advised to retry the upgrade process if they encountered the error. The KB5064081 update introduced a new method for displaying CPU usage in Task Manager, standardizing CPU reporting across the application. The update included new Recall features and a redesigned Windows Hello interface. The update addressed an issue that prevented some system recovery features from working properly due to a temporary file sharing conflict. The update fixed an issue in Resilient File System (ReFS) where using backup apps with large files could sometimes exhaust system memory. The update resolved an issue with the Chinese (Simplified) Input Method Editor (IME) where some extended characters appeared as empty boxes. The update addressed an issue that prevented typing on the touch keyboard when using the Microsoft Changjie, Microsoft Bopomofo, or Microsoft Japanese Input Method Editors (IMEs). The update fixed an issue that slowed application installation on ARM64 devices. The update included fixes for audio and video performance issues when using Network Device Interface (NDI) to stream or transfer feeds between PCs. The update was part of the company's optional non-security preview update schedule, which releases updates at the end of each month to test new fixes and features coming to the next month's Patch Tuesday. The KB5065426 and KB5065431 cumulative updates for Windows 11 introduce new features and improvements, including a redesigned Windows Hello interface and enhanced passkey features. The updates include a new Recall feature that opens to a personalized homepage, highlighting recent activity and top-used apps and websites. The updates fix issues with the taskbar preview thumbnail, Search on the taskbar, and the lock screen widgets. The updates introduce a new navigation bar for quick access to Home, Timeline, Feedback, and Settings in the Recall feature. The updates include a new grid view in Search on the taskbar to help users quickly identify desired images. The updates provide clearer status information in Search on the taskbar, including progress notices and file availability status. The updates introduce a new visual experience for the Discover feed on the Widgets Board, including Copilot-curated stories. The updates include a new Windows Backup for Organizations feature, providing enterprise-grade backup and restore capabilities. The updates address an issue with the Microsoft Pluton Cryptographic Provider, resolving error messages in Windows Event Viewer. The updates fix issues with live captions, input methods, and various underlying system components. The September 2025 Windows security update fixed issues caused by the August 2025 updates, which triggered unexpected UAC prompts and app installation problems for non-admin users across all Windows versions. The issue was due to a security patch for CVE-2025-50173, a Windows Installer privilege escalation vulnerability. The September update reduces the scope of UAC prompts for MSI repairs and allows IT admins to disable UAC prompts for specific apps.