Search

Microsoft Automated Chatting Psychological Cure Patent

The European Patent Office published Microsoft Technology Licensing's patent application for an automated system to assist psychological treatment through chatbot interactions. The publication covers designated EU member states and marks the commencement of the formal examination process.

Microsoft ASP.NET Privilege Escalation Vulnerability, CVSS 9.1 Critical

CERT-Bund, Germany's Federal Computer Emergency Response Team, issued a critical security advisory (WID-SEC-2026-1213) on 21 April 2026 regarding a privilege escalation vulnerability in Microsoft ASP.NET. The flaw, affecting versions prior to 10.0.7, carries a CVSS Base Score of 9.1 (Critical) and a Temporal Score of 7.9 (High), with confirmed remote attack feasibility. Mitigation measures are available, and the current status is dated 22 April 2026. Organizations running vulnerable Microsoft ASP.NET deployments should treat this as an immediate patching priority given the critical severity rating and confirmed remote exploitability.

Microsoft AI Patent Mitigates Stochasticity in Deployed Agents

USPTO granted Patent US12607973B2 to Microsoft Technology Licensing, LLC on April 21, 2026. The patent covers techniques for mitigating stochasticity when controlling mechanical systems with AI agents, including temporal segmentation of stochasticity into near-term and long-term categories with corresponding mitigation strategies such as reward function changes and margin application.

Microsoft AI Predicts Body Motion, Granted US12608073B2

The USPTO granted US Patent 12,608,073B2 to Microsoft Technology Licensing, LLC on April 21, 2026. The patent covers an AI motion prediction system using reference joint poses and mask tokens to predict body motion trajectories for articulated entities. The 20-claim patent, filed February 3, 2023, is classified under CPC G06N 3/08 and relates to machine learning applications for motion modeling.

Microsoft GitHub Enterprise Server: Multiple Vulnerabilities, CVSS 8.9 (High)

CERT-Bund issued a security advisory warning of multiple vulnerabilities in Microsoft GitHub Enterprise Server affecting versions prior to 3.20.1, 3.19.5, 3.18.8, 3.17.14, 3.16.17, and 3.15.21. The vulnerabilities carry a CVSS Base Score of 8.9 (High) and a CVSS Temporal Score of 7.7 (High), with remote attack capability confirmed. An attacker could exploit these flaws to bypass security controls, execute arbitrary code, and disclose information. Mitigation measures are available and organisations running affected versions should apply patches promptly.

ANCSA Corporation Proxy Regulation Public Scoping, Comments Due Oct 24

The Alaska Division of Banking and Securities (DBS) is conducting a public scoping under Administrative Order 360 to gather ideas and input on proxy solicitation and stock regulations for Alaska Native Claims Settlement Act (ANCSA) corporations under 3 AAC 08.305-365 and 3 AAC 08.920-930. Written comments are due by 4:30 p.m. on October 24, 2025, and an oral stakeholder meeting will be held via Microsoft Teams on October 15, 2025 from 9:00–10:00 a.m. AKST. DBS has emphasized that no specific regulatory changes are currently proposed and no draft regulations are prepared for public comment under the Administrative Procedure Act. Effective January 1, 2026, annual filing fees for ANCSA corporations subject to AS 45.55.139 will be eliminated.

Public Input Solicitation for Mortgage Regulatory Revisions

The Alaska Division of Banking and Securities (DBS) is soliciting public comments under Administrative Order 360 on possible amendments to the Alaska Secure and Fair Enforcement for Mortgage Licensing Act of 2010 (3 AAC 14.010-14.990). DBS specifically requests input on clarifying regulatory obligations, reducing costs and administrative burdens, improving communication procedures, and increasing transparency. Written comments are due by 4:30 PM Alaska time on October 24, 2025, and a virtual stakeholder meeting will be held on October 15, 2025 from 10:00-11:00 AM AKST via Microsoft Teams.

Nitesh Ratnakar M.D. Disciplinary Hearing Set Apr 28

The Medical Board of Ohio has scheduled an administrative disciplinary hearing for Nitesh Ratnakar M.D. on Tuesday, April 28, 2026 at 10:00 AM. The hearing will be conducted by the Board's Hearing Examiners for licensees who request a hearing based on a citation issued by the Medical Board. Interested parties may view the virtual hearing by registering via the provided Microsoft Teams link.

Northeast Behavioral Health Clinic Regional Advisory Group Meeting, May 11, Grand Forks

The Northeast Behavioral Health Clinic Regional Advisory Group will hold its quarterly advisory meeting on Monday, May 11, 2026, from 10:00 to 11:30 a.m. Central Time. The meeting will take place in Conference Room 5A and 5B at 151 S. 4th St., Suite 401, Grand Forks, ND, with virtual attendance available via Microsoft Teams. Agenda items include Leadership Update, Jail Services, Behavioral Health Liaison report, Ruth Meier's Adolescent Center Update, Service Review, Contracts, and Budget Update. Individuals requiring accommodations to participate may contact Pam Thoreson at 701-795-3112 or pthoreson@nd.gov.

IRS Advisory Council Public Meeting Notice

The Internal Revenue Service Advisory Council (IRSAC) has scheduled a public meeting for Wednesday, May 6, 2026, at 11:00 a.m. Eastern. The virtual meeting via Microsoft Teams will cover topics including enhancements to IRS operations, administrative and policy changes to improve taxpayer experience, information reporting issues, and matters concerning tax-exempt and government entities. Members of the public wishing to attend must register by May 4, 2026.

Alaska Securities Act Public Input Meeting October 15 2025

The Alaska Division of Banking and Securities (DBS) is soliciting written and oral public comments on potential regulatory changes to Alaska Securities Act regulations under 3 AAC 08.005-230 and 3 AAC 08.500-950, pursuant to Administrative Order 360. Written comments are due by 4:30 p.m. on October 24, 2025, and an oral stakeholder meeting will be held via Microsoft Teams on October 15, 2025 from 11:00 a.m. to 12:00 p.m. AKST. DBS explicitly states it is not currently proposing any specific regulation changes and has no draft regulations prepared for public comment under the Administrative Procedure Act at this time.

Microsoft .NET Vulnerability Enables Privilege Escalation (CVE-2026-40372)

CERT-FR issued advisory CERTFR-2026-AVI-0478 on 22 April 2026 alerting to a privilege escalation vulnerability in Microsoft .NET. The vulnerability, tracked as CVE-2026-2026-40372 and disclosed by Microsoft on 21 April 2026, affects ASP.NET Core 10.0 versions prior to 10.0.7. Affected organisations are advised to apply patches from Microsoft's security bulletin.

Import XML Grant Data Into MS Excel

Grants.gov published a step-by-step tutorial explaining how to extract and import XML data from its database into Microsoft Excel as a workaround while the "Export Detailed Data" functionality remains temporarily unavailable following the October release. The guide covers downloading the daily XML ZIP file from the website footer, extracting the XML file, importing it into Excel using the Get Data function, and using Power Query Editor to properly load Opportunity Forecasts and Synopsis data without losing data integrity. Users can access a decade of funding opportunity data through this method.

CSLB Enforcement Committee Meeting April 29, Sacramento

The CSLB Enforcement Committee will hold a public teleconference meeting on Wednesday, April 29, 2026, from 10:00 a.m. to 11:00 a.m. at the John C. Hall Hearing Room in Sacramento. The agenda includes review and discussion of potential process changes to address an increase in consumer-filed complaints, as well as review of available closing dispositions for complaints filed by the Underground Safety Board. Members of the public may attend in person or participate remotely via Microsoft Teams.

Licensing Committee Meeting - April 30, 2026

The Contractors State License Board has published a notice of its Licensing Committee teleconference meeting scheduled for April 30, 2026 from 10:00 a.m. to 11:00 a.m. The meeting will be held via Microsoft Teams with committee members participating remotely and public attendance available in-person or virtually. The agenda includes discussion of B-2 Residential Remodeling Contractor pathways toward licensure as a General Building Contractor and trade-specific licensing workshops. The notice clarifies this is an advisory body meeting where no formal governmental decision-making will occur.

Mohammad Ahmad MD Administrative Hearing

The Ohio Medical Board has scheduled an administrative hearing for Mohammad Ahmad MD on April 29, 2026 at 9:30 AM. The hearing will be held in person at Rhodes State Office Tower. Virtual participation via Microsoft Teams is also available for those who register in advance. The board's Hearing Examiners conduct administrative hearings for licensees and applicants who request a hearing based on citations issued by the Medical Board.

George Bertalan, M.D. - Administrative Hearing April 27, 2026

The Ohio Medical Board has scheduled an administrative hearing for George Bertalan, M.D. on Monday, April 27, 2026 at 10:00 AM. The hearing will be held in person at Rhodes State Office Tower. A virtual viewing option is available via Microsoft Teams registration for parties who wish to attend remotely. The Medical Board's Hearing Examiners conduct administrative hearings for applicants and licensees who request a hearing based on a citation issued by the Medical Board.

Technical Review Panel Public Meeting Notice

The Indiana Department of Health announces a public meeting of the Technical Review Panel on Friday, March 27, 2026 at 10:00 a.m. EST. The panel will convene in the Robert O. Yoho Board Room at 2 N. Meridian St., Indianapolis, IN 46204, with virtual attendance available via Microsoft Teams. Panel members include nine appointees from the Governor's office, Indiana Department of Health, and various professional associations covering engineering, construction, and soil science.

CW & DW Priority List Workshop May 2026

The Nevada Division of Environmental Protection (NDEP) announced a public workshop on May 5, 2026, to accept comments on the Clean Water State Revolving Fund Priority List and the Drinking Water State Revolving Fund Priority List. The workshop will be held in Carson City and accessible by phone or Microsoft Teams. These priority lists govern the ranking of projects for low-interest loan funding under Nevada's clean water and drinking water revolving fund programs.

Multiples vulnérabilités dans les produits Microsoft

CERT-FR published advisory CERTFR-2026-AVI-0466 on 21 April 2026 alerting to multiple vulnerabilities in Microsoft products affecting azl3 gh versions prior to 2.62.0-14 and azl3 moby-engine versions prior to 25.0.3-16. The vulnerabilities, tracked under CVE-2026-32288 and CVE-2026-39882 (Microsoft security bulletins dated 11 April 2026), allow an attacker to cause an unspecified security issue according to the vendor. Organizations using these azl3 packages should consult Microsoft's security bulletins for available patches.

Multiple Microsoft CVEs Allow Code Execution, Elevation

CERT-FR issued advisory CERTFR-2026-AVI-0445 notifying of 22 Microsoft security vulnerabilities affecting products including Microsoft Defender, Microsoft Dynamics 365, Microsoft HPC Pack, Microsoft Power Apps, Microsoft SharePoint (multiple versions), Microsoft SQL Server (2016-2025), and Microsoft Visual Studio. Affected systems risk data confidentiality breaches, security policy bypass, remote code execution, denial of service, and privilege elevation. Microsoft has released patches and updates to address these vulnerabilities.

Microsoft Windows Host Process for Windows Tasks Privilege Escalation Vulnerability CVE-2025-60710

CISA added CVE-2025-60710 to the Known Exploited Vulnerabilities catalog on 2026-04-13. The vulnerability is an improper link resolution flaw in Host Process for Windows Tasks enabling local privilege escalation. CVSS 3.1 score is 7.8 (HIGH). Exploitation is active but not automatable per SSVC v2.0.3.

CVE-2012-1854: VBA Insecure Library Loading Vulnerability

CISA has cataloged CVE-2012-1854, an untrusted search path vulnerability in VBE6.dll affecting Microsoft Office 2003 SP3, 2007 SP2/SP3, and 2010 Gold/SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK. The vulnerability allows local users to gain privileges via a Trojan horse DLL in the current working directory. CISA confirms this vulnerability was exploited in the wild in July 2012. CVSS 3.1 score is 7.8 (HIGH) with exploitation status marked as 'active' in the KEV catalog.

Multiple Vulnerabilities in Microsoft Products

CERT-FR issued an advisory warning of 14 unpatched vulnerabilities across Microsoft products, spanning CVEs from CVE-2026-33936 through CVE-2026-35177, disclosed between March 29 and April 8, 2026. The vulnerabilities affect multiple Microsoft products and could allow remote code execution, privilege escalation, or information disclosure. Affected organizations are advised to consult Microsoft Security Response Center bulletins and apply available patches immediately.

Multiples vulnérabilités dans les produits Microsoft - 13 CVE

CERT-FR issued advisory CERTFR-2026-AVI-0428 notifying of 13 vulnerabilities (CVE-2026-35385, CVE-2026-35386, CVE-2026-35388, CVE-2026-35535, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-31789, CVE-2026-31790, CVE-2026-39881, CVE-2026-40024, CVE-2026-40025, CVE-2026-40026) affecting Microsoft products. Affected systems include azl3 openssh, openssl, sleuthkit, sudo, and vim packages. Risk level not specified by the vendor.