Blog posts, news and opinions about Microsoft’s Office 365 cloud services and applications.
In this blog, we take a closer look at CVE-2025-55241, a critical Entra ID flaw that briefly allowed attackers to impersonate Global Admins across any tenant, no phishing or passwords required. While Microsoft moved fast to patch the issue, it exposed how deeply legacy code can undermine modern security efforts. We’ll break down what happened, why it matters, and what admins should do now to stay protected.
In this episode of Practical AI, we explore how to run large language models locally using Jan, a privacy-first, open-source desktop client. With support for Model Context Protocol (MCP) servers, Jan lets you integrate tools like Microsoft Learn directly into your AI workflow—no cloud required.
In this episode of Practical Protection, we discuss Microsoft’s Secure Future Initiative and what their latest progress report reveals about improving identity protection, reducing privileged access, and accelerating vulnerability response—and what you can take from it to strengthen your own environment.
Microsoft 365 Copilot is a great AI notetaking app for Teams meetings, but it's expensive. A range of cheaper options are available from other AI companies. Should Microsoft 365 tenants allow users to install these apps and access what goes on in Teams meetings? It could be a difficult decision.
Dynamic Microsoft 365 Groups come with many advantages, but they also require Entra P1 licenses. This article explores how to create and maintain a DIY version of dynamic Microsoft 365 groups using the Microsoft Graph PowerShell SDK and Azure Automation. At the end of the day, the principle is proven, but maybe it's best to pay for the licenses.
In this blog, we explore how IT admins can leverage WinGet, Microsoft’s Windows Package Manager, to streamline application deployment and updates across Intune-managed devices.
In this article, Jaap Wesselius provides an overview of Exchange SE, discusses possible upgrade paths, and outlines Exchange server support.
In this installment of our Graph Activity Log series, we’ll provide a practical playbook for using the Graph Activity Log and Kusto Query Language (KQL) to hunt for indicators of document exfiltration.
In this episode of Practical Protection, we discuss the recent On-premises SharePoint ToolShell exploit and what you need to know and do to protect your environment.
In this article, Sean McAvinue explores how Microsoft's Multi-Tenant Organizations (MTO) can help make tenant-to-tenant migrations a smoother process for both administrators and end users.
In the grand scheme of things, tracking your Office application updates may not seem of critical importance, but unpatched apps can turn into an attack surface. In this installment of Practical Protection, we highlight two free tools in the Microsoft 365 Apps admin center that help you track and manage Office updates.
In this article, Thorsten Pickhan covers how to add Direct Routing phone numbers to the internal Teams Phone Number database, how to remove phone numbers, and the benefits of doing so.
