Microsoft Word was once the most commonly used software in the world. A .doc file was the lingua franca of the computing world, and “send me a Word doc” became part of the business lexicon. Word won the battle against WordPerfect, which was never quite able to make the transition to the world of Windows.
That battle with WordPerfect might have been a pyrrhic victory, however, as Word ended up something quite different than what the original product manager might have hoped. By out-featuring WordPerfect, MS Word became a bloated and unwieldy application that had way too much stuff jam-packed into it. It fell victim to the “just because you can do it doesn’t mean you should” syndrome. Each new release included more obscure and less-used new features that looked good on a marketing sheet, but that only made the product more confusing to end users.
And all that happened in a world where new features had to be coded by hand and took weeks or months. What is going to happen to software now
A newly identified malware campaign is abusing Microsoft’s Phone Link feature to intercept SMS-based one-time passwords and other sensitive mobile data directly from Windows systems.
The activity, first observed by Cisco Talos in January 2026, involves a remote access trojan dubbed CloudZ and a custom plugin named Pheno that together allow attackers to harvest credentials and potentially capture authentication codes synced from a user’s smartphone, Talos researchers Alex Karkins and Chetan Raghuprasad wrote in a blog post.
“According to the functionalities of the CloudZ RAT and Pheno plugin, this was with the intention of stealing victims’ credentials and potentially one-time passwords (OTPs),” the researchers wrote.
The attack does not target the mobile device itself. Instead, it exploits the trust relationship between phones and Windows PCs by monitoring data mirrored through the Phone Link application, the blog post said.
CloudZ “utilizes the custom Pheno plugin to hijack the establ
This case study is published in collaboration with our partner Utilize, who led the implementation of this solution About Alumil Alumil stands as a market leader in the design and manufacturing of innovative aluminum systems used in windows, doors, and building facades. With operations spanning more than 30 countries and production facilities both in Greece […]
Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) have sounded the alarm about a Windows shell spoofing vulnerability that is already being exploited by attackers. It is not clear by whom as yet, but the main suspects are hackers in Russia.
CISA has mandated that all federal agencies patch this vulnerability, designated CVE-2026-32202, by May 12. According to a Microsoft advisory, exploitation of the flaw could lead to access to sensitive data, but attackers would not be able to gain control of the system.
However, one security expert has warned that the considerable gap between the time Microsoft identified the bug and the date by which the systems must be patched leads to increased risk.
The patch gap
Lionel Litty, CISO for security company Menlo, said that an incomplete patch for CVE-2026-21510 that resulted in the issue tracked as CVE-2026-32202 adds to the problem. “This has been a theme for many years. A vulnerability exists and the vendor has not been
Claude for Word embeds AI directly into Microsoft Word, summarizing redlines, citing clauses and applying edits as tracked changes — without disrupting your workflow.
Long before Taco Tuesday became part of the pop-culture vernacular, Tuesdays were synonymous with security — and for anyone in the tech world, they still are. Patch Tuesday, as you most likely know, refers to the day each month when Microsoft releases security updates and patches for its software products — everything from Windows to Office to SQL Server, developer tools to browsers.
The practice, which happens on the second Tuesday of the month, was initiated to streamline the patch distribution process and make it easier for users and IT system administrators to manage updates. Like tacos, Patch Tuesday is here to stay.
In a blog post celebrating the 20th anniversary of Patch Tuesday, the Microsoft Security Response Center wrote: “The concept of Patch Tuesday was conceived and implemented in 2003. Before this unified approach, our security updates were sporadic, posing significant challenges for IT professionals and organizations in deploying critical patches in a timely manner.”
P
Windows admins are going to be busy this month, dealing with the largest Patch Tuesday cycle we can recall. The April release involves 165 updates and roughly 340 unique CVEs from Microsoft — including two zero-days, one of which is already being actively exploited in the wild.
The Readiness team is recommending “Patch Now” schedules for nearly every major product family this month: Windows, Office (with a zero-day), Microsoft Edge (Chromium), SQL Server, and Microsoft Developer Tools (.NET). April also brings Phase 2 of Microsoft’s Kerberos RC4 hardening with full enforcement set for July. There is a lot to cover, so the Readiness team built an infographic mapping the deployment risk for each platform.
(More information about recent Patch Tuesday releases is available here.)
Known issues
Microsoft reports a single Windows 11 25H2 issue. It affects a narrow enterprise deployment group, but matters to anyone affected.
KB5083769 – BitLocker recovery prompt on first restart (Windows 11 2
The updated Codex app for macOS and Windows adds computer use, in-app browsing, image generation, memory, and plugins to accelerate developer workflows.
