• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH
Compliance, IT Infrastructure, Mobility, Network Security, News

This Week in IT: macOS Bug, New Google Cloud Offerings, Phishing Attacks, Autopatch, and More

Security research, threat trends and the general availability of Microsoft's AutoPatch highlight this week's IT news.

July 14, 2022 Zachary Comeau Leave a Comment

IT news, This Week in IT

Editor’s note: There is a lot going on in the world of IT, from emerging technologies to digital transformation and new cybersecurity threats. However, we can’t possibly cover it all, so we’ll bring you this curated summary of IT and enterprise technology stories each week.

Microsoft Discovers macOS App Sandbox escape bug

Microsoft says it has discovered a dangerous vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. Microsoft says it first discovered the flaw in October 2021 and shared the findings with Apple, which issued a security update in May to fix the bug. The company says it discovered the vulnerability while researching potential ways to run and detect malicious macros in Microsoft Office on macOS. Read Microsoft’s security blog on this.

New Google cloud offerings

Google has released several new cloud offerings and integrations, including the preview release of the company’s first VM family based on the Arm architecture Tau T2A, a new managed service for scheduling batch jobs at any scale, the general availability of Rocky Linux Optimized for Google Cloud, a new integration between Google Meet and Miro, and more. Read more about Google’s new cloud offerings here. 

Large-scale phishing campaign

Also discovered by Microsoft security experts was a large-scale phishing campaign that since September 2021 has targeted more than 10,000 organizations by leveraging adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session and skip the authentication process even when multi-factor authentication was enabled. Those stolen credentials and session cookies were then used to access mailboxes and perform follow-on business email compromise campaigns against other targets. Read Microsoft’s security blog on this.

The last decade of critical software bugs

A new report from managed detection and response provider Trustwave finds that the number of vulnerabilities reported over the last few years has skyrocketed, including 10 such bugs the company identifies as the most egregious security flaws of the past decade. These includes the SolarWinds Orion compromise, EternalBlue, BlueKeep, Heartbleed, Sandworm and more.

Citing Shodan reports, some of these vulnerabilities still exist in hundreds of thousands of systems. Read Trustwave’s report here.

Autopatch rolls out to Windows Enterprise E3, E5 license holders; support for Windows 365

Microsoft has officially rolled out Windows Autopatch to organizations with Windows Enterprise E3 or E5 licenses to help IT departments streamline the application of the company’s monthly security update release. The company says Autopatch will also now support the updating of Windows 365 cloud PCs. We covered the initial announcement and public preview release. Read this Tech Community blog for more information.

Google’s research on cyberattack trends

Google’s Cybersecurity Action Team published another issue of the company’s Threat Horizons Report, which is based on observations from Google’s security professionals. According to Google, threat actors are crafting their phishing emails to look more legitimate, and they are even communicating with end users to establish trust before launching their attacks. In addition to an update on cyberattacks related to the war in Ukraine, Google says it continues to see attackers scanning for and compromising misconfigured cloud infrastructure, with ransomware and cryptomining the end goal. Google’s report also details how attacks leveraging the software supply chain are increasing. Read the full report here. 

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Autopatch, Cybersecurity, Google, IT news, Microsoft, This week in IT, Trustwave

Related Content:

  • Cloud, SASE, Aryaka How the Cloud is Redefining Media Production and…
  • Singlewire Software mass notification interview Singlewire Software on Mass Notification Solutions
  • URI catchbox 1 Catchbox Plus: The Mic Solution That Finally Gave…
  • Engaging virtual meeting with diverse participants discussing creative ideas in a bright office space during daylight hours Diversified Survey: Workplace AV Tech is Falling Short,…

Free downloadable guide you may like:

  • Practical Design Guide for Office SpacesPractical Design Guide for Office Spaces

    Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-face time with co-workers. When designing the office spaces — and meeting spaces in particular — enabling that connection between co-workers is crucial. But introducing the right collaboration technology in meeting spaces can […]

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.