
It is Saturday, July 4, 2026, and this is The IT Guys 5 PM technology recap. Because today is a U.S. holiday, the news cycle is lighter than a normal business day, so the practical move is to focus on the items still worth acting on before Monday: an actively exploited SharePoint Server vulnerability, a Microsoft 365 password-spraying campaign, the next round of AI governance meetings, Apple and Microsoft’s expanding AI roadmaps, and a reminder that browser patching still matters.
Quick Take
- Bad news: CISA added Microsoft SharePoint Server CVE-2026-45659 to its Known Exploited Vulnerabilities catalog after evidence of active exploitation. If you run on-prem SharePoint, treat this as a priority patch and exposure review.
- Bad news: A reported Microsoft 365 password-spraying wave generated tens of millions of login attempts and succeeded where MFA and Conditional Access were incomplete or only partially enforced.
- Good news: AI governance work is moving into a more public international phase next week, with the UN Global Dialogue on AI Governance scheduled for July 6-7 and an AI for Good commission meeting expected July 8.
- Mixed news: Apple and Microsoft continue to make AI more central to daily computing. That can make work easier, but it also raises new management, privacy, training, and data-retention questions for families and small businesses.
- Action item: Use the holiday weekend to patch browsers, review Microsoft 365 MFA coverage, check backups, and verify whether any on-prem Microsoft servers are exposed to the internet.
1. SharePoint Server Exploitation Is The Weekend Security Item
The most urgent business-facing story is not flashy AI news. It is a Microsoft SharePoint Server vulnerability that CISA says is being actively exploited. Security coverage from The Hacker News and SecurityWeek reported that CISA added CVE-2026-45659 to the Known Exploited Vulnerabilities catalog on July 2, 2026. The issue is described as a high-severity remote code execution vulnerability affecting Microsoft SharePoint Server.
For home users, this probably does not apply unless you personally host Microsoft server software, which is uncommon. For small businesses, medical offices, municipalities, manufacturers, contractors, and nonprofits that still run on-prem SharePoint, it matters immediately. A SharePoint server often holds internal files, intranet pages, workflows, HR documents, policies, and project data. If it is reachable from the internet and not patched, it can become a direct path into the organization.
What to do now
- Confirm whether your organization runs SharePoint Server on premises. This is different from SharePoint Online inside Microsoft 365.
- Apply the relevant Microsoft security update and document the patch date.
- Check whether SharePoint is exposed directly to the internet. If remote access is needed, put it behind VPN, conditional access, or a properly managed reverse proxy.
- Review web server logs, authentication logs, and endpoint alerts for unusual access around late June and early July.
- Make sure backups are current and restorable before assuming patching alone solves the risk.
The IT Guys takeaway: If you are not sure whether you have on-prem SharePoint, that uncertainty is itself useful information. Ask your IT provider for a plain inventory of internet-facing servers, not just a list of cloud subscriptions.
2. Microsoft 365 Password Spraying Shows Why “Some MFA” Is Not Enough
TechRadar reported this week on a large Microsoft 365 password-spraying campaign observed by Huntress, with roughly 81 million login attempts between June 12 and June 26, 2026. The important lesson is not just the size of the campaign. It is how attackers still find gaps when multifactor authentication is absent, inconsistently assigned, left in report-only mode, or bypassed through older authentication patterns.
Password spraying is different from guessing one person’s password thousands of times. Attackers try a small number of common or previously leaked passwords across many accounts. That makes it harder to detect if monitoring is weak, and it works especially well against organizations that reuse passwords, keep stale accounts, or exempt executives, service accounts, or remote workers from strict policies.
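The difference described above, shown as an added example (not code from the article's sources): it labels each source by the shape of its failed sign-ins and shows that a per-account failure threshold catches the brute-forced account but none of the sprayed ones. The records, thresholds, and function names are constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample of failed sign-ins as (source IP, account); not real data.
# 203.0.113.7 tries one or two passwords against many accounts (spray);
# 198.51.100.9 hammers a single account (classic brute force).
SAMPLE_FAILURES = (
    [("203.0.113.7", f"user{i}@example.com") for i in range(8)]
    + [("203.0.113.7", f"user{i}@example.com") for i in range(4)]
    + [("198.51.100.9", "owner@example.com")] * 40
    + [("192.0.2.44", "amy@example.com")] * 2  # ordinary mistyped password
)


def accounts_over_lockout(failures, threshold=10):
    """Per-account view: what a lockout or 'repeated failures' alert sees."""
    counts = Counter(account for _, account in failures)
    return sorted(a for a, n in counts.items() if n >= threshold)


def classify_sources(failures, min_accounts=5, max_per_account=3, brute_min=20):
    """Per-source view: many accounts with few tries each is the spray shape."""
    per_source = defaultdict(Counter)
    for source, account in failures:
        per_source[source][account] += 1
    verdicts = {}
    for source, accounts in per_source.items():
        heaviest = max(accounts.values())
        if len(accounts) >= min_accounts and heaviest <= max_per_account:
            verdicts[source] = "spray"
        elif heaviest >= brute_min:
            verdicts[source] = "brute-force"
        else:
            verdicts[source] = "benign"
    return verdicts


if __name__ == "__main__":
    print("over per-account threshold:", accounts_over_lockout(SAMPLE_FAILURES))
    for source, verdict in sorted(classify_sources(SAMPLE_FAILURES).items()):
        print(source, verdict)
```

Grouping by source alone misses a spray spread across many addresses; counting distinct failing accounts across the whole tenant within a time window covers that case.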
Small-business checklist
- Require MFA for every user, including owners, managers, bookkeepers, and part-time staff.
- Move from SMS codes to authenticator app prompts, passkeys, hardware keys, or phishing-resistant MFA where practical.
- Review Conditional Access policies and confirm they are actually enforced, not only tested in report-only mode.
- Disable legacy authentication and risky OAuth flows that do not support modern MFA.
- Set alerts for impossible travel, repeated failed logins, new inbox rules, suspicious OAuth app consent, and unusual forwarding.
The IT Guys takeaway: Most Microsoft 365 compromises we see are not cinematic hacks. They are boring account-control failures: weak passwords, incomplete MFA, stale users, and no one watching the sign-in logs.
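One way to check the MFA, report-only, and legacy-authentication items from the checklist above against an export of Conditional Access policies (added example, not The IT Guys' own tooling). It assumes the policies are available as dictionaries shaped like the Microsoft Graph conditionalAccessPolicy resource; the sample policies and the function name are constructed.

```python
# Constructed sample policies; field names and values follow the Microsoft
# Graph conditionalAccessPolicy resource (assumption: exported as JSON/dicts).
SAMPLE_POLICIES = [
    {"displayName": "Require MFA - all users",
     "state": "enabledForReportingButNotEnforced",
     "conditions": {"users": {"includeUsers": ["All"], "excludeUsers": []},
                    "clientAppTypes": ["all"]},
     "grantControls": {"builtInControls": ["mfa"]}},
    {"displayName": "Require MFA - staff",
     "state": "enabled",
     "conditions": {"users": {"includeUsers": ["All"],
                              "excludeUsers": ["owner-object-id"]},
                    "clientAppTypes": ["all"]},
     "grantControls": {"builtInControls": ["mfa"]}},
]

# Client app types that cover protocols without modern MFA support.
LEGACY_CLIENTS = {"exchangeActiveSync", "other"}


def audit_policies(policies):
    """Return (policy name, finding) pairs for gaps in MFA enforcement."""
    findings = []
    legacy_blocked = False
    for p in policies:
        controls = set((p.get("grantControls") or {}).get("builtInControls", []))
        cond = p.get("conditions", {})
        users = cond.get("users", {})
        name = p["displayName"]
        if "mfa" in controls:
            if p["state"] == "enabledForReportingButNotEnforced":
                findings.append((name, "MFA policy is report-only, not enforced"))
            elif p["state"] == "enabled":
                if "All" not in users.get("includeUsers", []):
                    findings.append((name, "MFA policy does not target all users"))
                if users.get("excludeUsers"):
                    findings.append((name, "MFA policy excludes specific users"))
        if ("block" in controls and p["state"] == "enabled"
                and LEGACY_CLIENTS <= set(cond.get("clientAppTypes", []))):
            legacy_blocked = True
    if not legacy_blocked:
        findings.append(("(tenant)", "no enforced policy blocks legacy authentication"))
    return findings


if __name__ == "__main__":
    for name, finding in audit_policies(SAMPLE_POLICIES):
        print(f"{name}: {finding}")
```

An exclusion is not automatically wrong, since emergency-access accounts are commonly excluded, but each one should be a documented decision rather than a leftover.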
3. AI Governance Meetings Are Coming Next Week
The good news is that AI safety and governance are getting more direct attention. The United Nations lists the first session of the Global Dialogue on AI Governance for July 6-7, 2026 in Geneva. Axios also reported that the UN and International Telecommunication Union are convening an AI for Good Global Commission, with an inaugural meeting planned for July 8.
That does not mean businesses should wait for regulators before making decisions. It does mean the practical AI conversation is shifting from “which tool is coolest?” to “who is accountable, where does the data go, and how do we prove the system is safe enough for the work we are giving it?”
Questions every organization should answer before using AI with business data
- Which AI tools are approved for company use?
- Can staff paste customer names, invoices, medical information, contracts, or employee records into those tools?
- Does the tool train on submitted data, retain prompts, or allow administrator review?
- Who verifies AI-generated work before it reaches customers?
- What happens when an AI answer is wrong but looks confident?
The IT Guys takeaway: AI policy does not need to be a 40-page document. A one-page internal rule sheet is better than silence, especially for offices where employees are already experimenting with AI tools.
4. Apple’s New AI Direction Is Useful, But Watch Compatibility And Privacy Settings
Apple’s June software announcements are still relevant heading into July because many users will be deciding whether to test betas, replace devices, or wait for fall releases. Apple says its next generation of Apple Intelligence is built into iPhone, iPad, Mac, Apple Watch, AirPods, and Vision Pro experiences, with developer testing underway and broader availability planned for the fall. Apple also says the architecture uses on-device processing and Private Cloud Compute, with some features powered by models developed in collaboration with Google and Gemini.
That is the good side: better Siri-style assistance, smarter browsing and writing tools, improved photo editing, and privacy-forward architecture. The practical caution is that not every device gets every feature. Apple lists supported devices, languages, beta timing, and regional limits. Some users may need newer hardware, and businesses should avoid beta operating systems on production machines unless they have a test plan and rollback option.
The IT Guys takeaway: Before replacing hardware just to get AI features, check the exact supported-device list, business app compatibility, backup status, and whether the feature solves a real workflow problem.
5. Microsoft’s AI-First Windows Ideas Are A Preview Of Where Workstations Are Going
Microsoft’s official Build 2026 messaging emphasized Windows as a more agent-ready platform, including Microsoft Execution Containers in preview for sandboxed agent environments and the Surface RTX Spark Dev Box for local AI development workloads. Separately, Windows Central reported on a leaked older Microsoft “Aion” exploration, describing a lightweight Copilot-centered OS concept based around web apps, spaces, and cloud access to desktop software.
The leak is not a product announcement, and Microsoft reportedly declined to comment. Still, the direction is clear enough: vendors want AI assistants to move from sidebars into the operating system itself. That could be helpful for repetitive office tasks, summarizing information, and managing workflows. It also means businesses will need to care more about endpoint policy, data boundaries, audit logging, and whether an AI assistant can see files it should not see.
The IT Guys takeaway: Treat AI features in operating systems like any other business technology rollout. Test them, document them, limit access where needed, and train staff before assuming the default settings are right for your company.
6. Browser Patching Is Still One Of The Highest-Value Security Habits
Google’s Chrome release notes from June included a warning that an exploit for CVE-2026-11645 existed in the wild. Even though that update is a few weeks old, it remains relevant today because browser vulnerabilities are commonly used in phishing, malvertising, and drive-by compromise attempts. Many small businesses still leave browser patching to chance, especially on shared front-desk PCs, shop-floor workstations, and personal laptops used for work.
Chrome, Edge, Firefox, and Safari updates are not just feature updates. They are frontline security updates for the software people use to open email links, banking pages, vendor portals, cloud dashboards, and customer systems.
Weekend maintenance list
- Open each browser and confirm it is updated.
- Restart the browser after updating; pending updates do not protect you until applied.
- Remove browser extensions you do not recognize or no longer use.
- Check whether shared computers are getting operating system updates too.
- Use a password manager instead of storing reused passwords in unmanaged browsers.
Bottom Line For July 4
Today’s tech news is less about one dramatic launch and more about operational discipline. Patch exposed servers. Enforce MFA everywhere. Keep browsers current. Write down AI rules before staff improvise with sensitive data. If you are buying new devices this summer, do it for clear business outcomes, not just because the product page says “AI.”
If you want help checking Microsoft 365 security, reviewing exposed systems, updating business PCs, or planning a sane AI policy for your office, contact The IT Guys. A short review now is cheaper than finding out after a compromised inbox, lost files, or a server incident.
Sources
- The Hacker News: SharePoint RCE CVE-2026-45659 added to CISA KEV after active exploitation
- SecurityWeek: CISA warns of actively exploited Microsoft SharePoint vulnerability
- TechRadar: Microsoft 365 password-spraying campaign
- United Nations: Global Dialogue on AI Governance
- Axios: UN launches AI for Good commission
- Apple Newsroom: Apple Intelligence update
- Microsoft: Build 2026 announcements
- Windows Central: Microsoft Aion/Copilot OS exploration report
- Google Chrome Releases: Stable Channel security update