News


Vendors Issue Patches for Linux Container Runtime Flaw Enabling Host Attacks

This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.

Windows 10 Version 1809 Users May Get Visual Studio Crashes

Microsoft on Friday issued an advisory for Windows 10 version 1809 users about possible Visual Studio crashes.

Windows 10 'Semiannual Channel Targeted' Goes Away This Spring

Microsoft plans to slightly alter its Windows servicing lingo and management behavior with its next Windows 10 operating system feature update release, coming this spring.

Security Researchers Highlight Exchange and IE Zero-Day in February Microsoft Patches

Microsoft's February "update Tuesday" release was notable for delivering major security updates and architectural changes to all supported Exchange Server products, along with a "zero-day" IE patch.

Microsoft Releases Quarterly Updates to Exchange Server, Delivers Security Fixes and Architectural Changes

Microsoft took the rare step of announcing the release of Exchange Server quarterly updates that will include "critical security" fixes, while also changing the architectures of all supported Exchange Server products.

Microsoft Adds MSIX Support to Windows 10 Versions 1803 and 1709

Microsoft's MSIX packaging format has new added support for Windows 10 versions 1803 and 1709, but the support has some limitations.

Azure Advanced Threat Protection Now Provides Alerts on NTLM Relay Issues

Microsoft on Monday touted its Azure Advanced Threat Protection (ATP) service as being capable of alerting organizations when they are subject to NT LAN Manager (NTLM) relay attacks.

Microsoft Previews SAML Token Encryption in Azure Active Directory

Microsoft has been adding to its Azure Active Directory capabilities in recent weeks.

Microsoft Issues Yet Another Exchange Server Security Advisory

Microsoft on Monday issued Security Advisory ADV190007 concerning an elevation-of-privilege vulnerability that's present in most Exchange Server versions.

Microsoft Argues Against Using IE for Everything

Microsoft on Wednesday made the case that organizations shouldn't use Internet Explorer as their default browser for every activity.

Windows Update Classifications Can Cause Orgs To Miss Fixes to Bad Patches

Organizations using Microsoft's tools to manage Windows updates could be missing out on early fixes to problems because of the way Microsoft classifies its updates.

NSA Offers Guide on Speculative Execution Side-Channel Attacks

The U.S. National Security Agency issued updated guidance late last month on the various speculative execution side-channel flaws that open up all systems using modern processors to potential attacks.

Microsoft Inks Deals with Accenture, TomTom and BrightBytes

Microsoft on Monday announced two new partner deals, plus one product acquisition.

Man Suit

Microsoft 365 Users Getting a Bunch of Security and Compliance Perks

Microsoft announced a number of security and compliance improvements that mostly apply to users of its Microsoft 365-licensed products.

Internet Domain Holders Need To Test Their Sites for 'DNS Flag Day'

The event for organizations and IT pros known as "Domain Name System Flag Day" will kick off on Friday, Feb. 1, 2019.

Information Disclosure Flaws Found in Cisco Small Business Routers

Cisco acknowledged vulnerabilities in two of its small business router products last week that could lead to information disclosures.

US-CERT Highlights Exchange Server Flaw Enabling Escalation-of-Privilege Attacks

The U.S. Computer Emergency Readiness Team this week noted that Exchange Server versions from Exchange Server 2013 on up have a vulnerability that could permit the impersonation of any user, leading to "control of an affected system."

Office 365 Document Saving Defaulting to OneDrive Next Month

Microsoft plans to change the default Office 365 document-saving behavior and have it default to OneDrive and OneDrive for Business folder locations, starting as early as next month.

IE 10 Has One Year of Support Remaining on Windows Server 2012

Internet Explorer 10 will fall out of support next year for users of Windows Server 2012 and Windows Embedded 8 Standard, Microsoft noted in a Monday announcement.

Microsoft Previews One-Time Passcodes in Azure AD B2B Service

Microsoft added a preview feature to its Azure Active Directory Business to Business (B2B) service that makes it easier for business partners to gain access to an organization's network resources.

Subscribe on YouTube