Category: Uncategorized

After the Stryker incident, CISA told organisations to enable Multi Admin Approval in Microsoft Intune. Most teams nodded, opened the doc, and never finished the rollout. Here is what MAA actually does, what to gate behind it first, and the rollout pitfalls that catch IT teams out.

On June 26, 2026, the original 2011 Microsoft Secure Boot signing certificates begin to expire. Here is what is actually expiring, what breaks if you ignore it, and the seven-week operational plan IT teams should be working through right now.

PhantomRPC is a newly disclosed architectural flaw in Windows RPC that lets a low-privileged process impersonate any client connecting to a missing RPC server – ending in SYSTEM. It affects every supported version of Windows, has no CVE, and Microsoft has declined to patch it. Here’s what it does, why “moderate severity” understates it, and what defenders can do.

April 2026 Patch Tuesday landed with 163 CVEs – and 93 of them were elevation-of-privilege bugs. That’s a record 57% of the release in a single category. Here’s what stands out, why “local LPE” keeps dominating, and why local admin rights make every one of them worse.

An unpatched Windows local privilege escalation exploit called BlueHammer was leaked to GitHub this week, with a working proof-of-concept already confirmed on fully patched Windows 10 and 11. Here is what it does, why local admin rights make your exposure worse, and what you can do right now while there is no patch.