
Microsoft hardens Microsoft 365 and Office 2024 by disabling ActiveX and blocking legacy-auth access

Defensive Guidance
Happening score: 10
1 unique source, 1 article

Summary

Microsoft hardened Microsoft 365 and Office 2024 by disabling all ActiveX controls and tightening defaults to block legacy authentication access to SharePoint, OneDrive, and Office files. The change reduces exposure to older attack paths that rely on legacy protocols or ActiveX-based abuse. It narrows the attack surface for organizations that still depend on Microsoft cloud file services. The shift matters because it removes two common footholds for credential and content-delivery abuse.

Related Happenings

Microsoft AiTM payroll pirate attack mitigation

Advisory/Mitigation
First: 10.04.2026 14:56 Last: 10.04.2026 14:56 Sources 1

About this happening: **Microsoft** is urging defenders to harden **Microsoft 365** and related **HR workflows** against **AiTM**-driven payroll theft by requiring **phishing-resistant MFA**, blocking...

Windows Autopatch enables hotpatch security updates by default for eligible devices

Security Tool/Service
First: 11.03.2026 11:15 Last: 11.03.2026 11:15 Sources 1

About this happening: Microsoft is changing **Windows Autopatch** to enable **hotpatch security updates** by default, speeding security-fix rollout for eligible devices and reducing restart-related del...

Microsoft Windows 11 adds smartphone-style app permission prompts and baseline security mode

Security Tool/Service
First: 10.02.2026 15:16 Last: 10.02.2026 15:16 Sources 1

About this happening: **Microsoft** is adding **smartphone-style app permission prompts** and **Baseline Security Mode** to **Windows 11**, tightening consent and runtime integrity controls for apps th...

eSentire-observed account compromise surged 389% in 2025

Target Trend
First: 16.01.2026 13:40 Last: 16.01.2026 13:40 Sources 1

About this happening: **Account compromise** surged **389% year over year** in **2025**, making it the dominant observed attack pattern and increasing **credential theft** and **account takeover** risk...

ConsentFix browser-native OAuth consent phishing campaign

Campaign
First: 14.01.2026 17:01 Last: 14.01.2026 17:01 Sources 1

About this happening: The **ConsentFix** campaign is a **ClickFix**-style **OAuth consent phishing** operation that hijacks **Microsoft accounts** by abusing the **Azure CLI OAuth app**. In the reporte...

Timeline

  1. 11.12.2025 18:00 2 articles · 5mo ago

    Microsoft disables ActiveX and blocks legacy-auth access in Microsoft 365 and Office 2024

    Mitigation Patch Update

    Microsoft disabled all ActiveX controls in Windows versions of Microsoft 365 and Office 2024 apps and updated Microsoft 365 security defaults to block access to SharePoint, OneDrive, and Office files via legacy authentication protocols, reducing exposure to older execution and sign-in abuse paths.
