News


Microsoft September Security Patches Address 66 Vulnerabilities

Microsoft has released September security patches, addressing an estimated 66 common vulnerabilities and exposures (CVEs).

Microsoft Embracing OpenTelemetry for Azure Monitor Application Insights

Microsoft on Monday described efforts to bring OpenTelemetry measures to Azure Monitor Application Insights, and eventually to other Azure services, as well.

'Azurescape' Attack on Azure Container Instances Highlights Risks of Using Multitenant Services

The Microsoft Security Response Center issued a "coordinated disclosure" notice on Wednesday for users of the Azure Container Instances (ACI) service, promising that "no unauthorized access to customer data" had occurred.

Report: 33% of Flagged Work E-Mails Are Phishing Attempts

Latest analysis shows how prevalent phishing attempts are -- and how important it is to have proper e-mail reporting and comprehensive e-mail training.

Microsoft Suggests Windows 11 Will Work with Current Tools

Microsoft this week outlined perks for IT pros with the coming Windows 11 operating system, suggesting that deployment and management will be similar to Windows 10.

Microsoft Outlines Remote Work Trends, Delays HQ Reopening

Microsoft shared more information about remote work trends, while also indicating that its planned Oct. 4 Redmond, Wash. headquarters reopening is getting indefinitely delayed.

Microsoft Buys Video Editing Startup Clipchamp

Microsoft on Tuesday announced the acquisition of Clipchamp, a developer of browser-based video production tools.

New PowerShell Tools Assess Microsoft Defender Antivirus Performance

Microsoft on Tuesday announced new PowerShell 5.1 cmdlets for analyzing the scanning performance of the Microsoft Defender Antivirus service.

Microsoft Warns of Active Attacks Using Malicious Office Documents

The Microsoft Security Response Center warned of active attacks leveraging a remote code execution vulnerability in Internet Explorer's Trident engine (MSHTML), per a Tuesday Twitter post.

FBI and CISA Warn Ransomware Attacks More Prevalent on Holidays

Organizations could be more subject to ransomware attacks on weekends and holidays, according to an alert issued this week by the FBI and the Cybersecurity and Infrastructure Security Agency. 

Microsoft Releases 'Commercial Previews' of Windows 11 and Windows 10 Version 21H2

Microsoft on Thursday announced that "commercial previews" of Windows 11 and Windows 10 version 21H2 are available for testing by organizations opting into the Windows Insider Program for Business.

Windows Server 2022 Announced at General Availability

Windows Server 2022 was announced by Microsoft as reaching the "general availability" stage, meaning it's deemed ready for deployment in production environments.

Microsoft Schedules Windows 11 Release for Oct. 5

Windows 11, Microsoft's next-gen desktop operating system, will begin rolling out on Oct. 5, Microsoft announced Tuesday.

Microsoft to Azure Cosmos DB Users: Your Data May Have Been Exposed

Microsoft warned thousands of Azure Cosmos DB users last week that their data may have been exposed through a recently discovered security flaw in Jupyter Notebook.

Microsoft Clarifies Windows 11 Processor Requirements

Microsoft further described Windows 11 hardware requirements, providing an update on questions about possible seventh-generation processor support.

Microsoft Defender for Endpoint on Mac Getting Native M1-Chip Support

The Microsoft Defender for Endpoint on Mac security solution is now starting to get "native" agent support for running on Apple M1 chip-based devices, Microsoft announced this week.

Microsoft Pledges $20B Cybersecurity Investment After White House Talk

Big tech companies pledged money and efforts following an Aug. 25 Biden administration meeting on U.S. cybersecurity initiatives, as described in this White House announcement.

Microsoft Embracing Native QUIC in Newer Windows OSes and Edge Browser

Microsoft this week described QUIC, an Internet transport layer protocol alternative to the venerable Transmission Control Protocol (TCP), in an announcement.

Microsoft Urges Patching Exchange Server To Avoid ProxyShell Attacks

The Exchange team at Microsoft posted an announcement on Wednesday acknowledging "ProxyShell" threats and urging organizations to keep Exchange Server up to date with the latest cumulative updates and security updates.

ProxyShell Exchange Server Flaw Getting Used for Ransomware Attacks

Security researchers are seeing the appearance of LockFile ransomware deployments after attackers gained access to Exchange Server via a so-called "ProxyShell" vulnerability.