“Audit which security features your standard client licensing actually includes — versus what you're assuming. The gap between assumed and actual coverage is where breaches happen.”
CVE-2026-42826: CVSS 10.0 Azure DevOps Information Disclosure — Silently Patched by Microsoft
A critical information disclosure vulnerability in Azure DevOps (CVE-2026-42826) was assigned a perfect CVSS score of 10.0, allowing unauthenticated remote attackers to disclose sensitive information over the network. Microsoft proactively remediated this within the cloud infrastructure without requiring any customer action. No workaround needed — the fix is already applied on the service side, but MSPs should audit Azure DevOps access logs for any unusual exfiltration activity in the lead-up to the patch.
Read more →Exchange Online Intermittent Access Failures Hit Users — May 24 Outage Confirmed
Microsoft's official last outage for M365 was recorded on May 24, 2026, titled 'Users may intermittently be unable to access Exchange Online,' with user reports of offices unable to send or receive email. Multiple users also reported Microsoft Defender failing to load and Microsoft Planner crashing Teams entirely around the same period (May 21–24). Workaround: Use Outlook desktop client cached mode where possible; monitor the M365 Service Health Dashboard for real-time status.
Read more →M365 Outage Pattern in 2026: Five Major Incidents in Six Months Tied to AI Infrastructure Load
Analysis shows Microsoft has suffered five significant cloud outages in six months across Teams, Outlook, Copilot, and core M365 infrastructure, with AI workload expansion on Azure cited as a structural driver of increased instability. Organisations entirely dependent on Teams and Outlook felt the sharpest impact during recent incidents. MSPs should review client resilience plans and ensure independent communication channels are in place.
Read more →inforcer Copilot Manager Gives MSPs Revenue Control Over Microsoft 365 Copilot Deployments
inforcer's Copilot Manager, highlighted at ChannelPro in May 2026, gives MSPs granular visibility and control over Microsoft 365 Copilot licence assignments and usage across client tenants, enabling MSPs to enforce governance policies and demonstrate ROI to clients. The tool addresses one of the channel's most cited pain points: inability to monetise AI adoption beyond licence resale. MSPs already reselling M365 Copilot licences should evaluate Copilot Manager as a value-add managed service layer.
Read more →This is what you get — every weekday, free.
Subscribers get the full “From the Floor” take with every issue — not just the news summary you just read.
Written from 12 years on the helpdesk floor. Always free.