News


Microsoft Issues Windows Server HTTP/2 Attack Advisory

Microsoft issued Security Advisory ADV190005 on Wednesday concerning a potential HTTP/2 settings issue for users of Internet Information Services (IIS) on Windows Server.

Microsoft Warns .NET Core 1.0 and 1.1 Losing Support in June

Microsoft gave notice this week that .NET Core 1.0 and 1.1 will fall out of support on June 27, 2019.

New Office App Coming to Windows 10 Users

Microsoft is delivering a new Office app for Windows 10 consumer and business users over the new few weeks, according to a Wednesday announcement.

Microsoft Publishes Windows Deadlines on Upgrading to SHA-2

Microsoft on Friday described its 2019 timeline for when it will start distrusting Secure Hash Algorithm-1 (SHA-1) in supported Windows systems, as well as in the Windows Server Update Services 3.0 Service Pack 2 management product.

Vendors Issue Patches for Linux Container Runtime Flaw Enabling Host Attacks

This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.

Windows 10 Version 1809 Users May Get Visual Studio Crashes

Microsoft on Friday issued an advisory for Windows 10 version 1809 users about possible Visual Studio crashes.

Windows 10 'Semiannual Channel Targeted' Goes Away This Spring

Microsoft plans to slightly alter its Windows servicing lingo and management behavior with its next Windows 10 operating system feature update release, coming this spring.

Security Researchers Highlight Exchange and IE Zero-Day in February Microsoft Patches

Microsoft's February "update Tuesday" release was notable for delivering major security updates and architectural changes to all supported Exchange Server products, along with a "zero-day" IE patch.

Microsoft Releases Quarterly Updates to Exchange Server, Delivers Security Fixes and Architectural Changes

Microsoft took the rare step of announcing the release of Exchange Server quarterly updates that will include "critical security" fixes, while also changing the architectures of all supported Exchange Server products.

Microsoft Adds MSIX Support to Windows 10 Versions 1803 and 1709

Microsoft's MSIX packaging format has new added support for Windows 10 versions 1803 and 1709, but the support has some limitations.

Azure Advanced Threat Protection Now Provides Alerts on NTLM Relay Issues

Microsoft on Monday touted its Azure Advanced Threat Protection (ATP) service as being capable of alerting organizations when they are subject to NT LAN Manager (NTLM) relay attacks.

Microsoft Previews SAML Token Encryption in Azure Active Directory

Microsoft has been adding to its Azure Active Directory capabilities in recent weeks.

Microsoft Argues Against Using IE for Everything

Microsoft on Wednesday made the case that organizations shouldn't use Internet Explorer as their default browser for every activity.

Microsoft Issues Yet Another Exchange Server Security Advisory

Microsoft on Monday issued Security Advisory ADV190007 concerning an elevation-of-privilege vulnerability that's present in most Exchange Server versions.

Windows Update Classifications Can Cause Orgs To Miss Fixes to Bad Patches

Organizations using Microsoft's tools to manage Windows updates could be missing out on early fixes to problems because of the way Microsoft classifies its updates.

NSA Offers Guide on Speculative Execution Side-Channel Attacks

The U.S. National Security Agency issued updated guidance late last month on the various speculative execution side-channel flaws that open up all systems using modern processors to potential attacks.

Microsoft Inks Deals with Accenture, TomTom and BrightBytes

Microsoft on Monday announced two new partner deals, plus one product acquisition.

Man Suit

Microsoft 365 Users Getting a Bunch of Security and Compliance Perks

Microsoft announced a number of security and compliance improvements that mostly apply to users of its Microsoft 365-licensed products.

Internet Domain Holders Need To Test Their Sites for 'DNS Flag Day'

The event for organizations and IT pros known as "Domain Name System Flag Day" will kick off on Friday, Feb. 1, 2019.

Information Disclosure Flaws Found in Cisco Small Business Routers

Cisco acknowledged vulnerabilities in two of its small business router products last week that could lead to information disclosures.

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.