A newly disclosed Windows Admin Center flaw carries a CVSS score of 8.8 and could let an authorized user quietly escalate privileges across enterprise environments. The vulnerability affects WAC version 2.6.4 and, if exploited, may grant sweeping administrative control over the very systems it was built to manage. "Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network," Microsoft said in its advisory.
Microsoft has made a new VM Conversion tool available in Windows Admin Center in a public preview. The extension is designed to help organizations convert virtual machines from VMware to Windows Server with Hyper-V, without additional costs or complicated installation. Although Microsoft Azure offers a fully managed cloud environment with numerous pay-as-you-go services, many organizations prefer to keep their data on-premises for compliance or governance reasons. For this target group, Microsoft is now introducing an accessible way to migrate VMware environments to Hyper-V,