News


Microsoft to Azure Cosmos DB Users: Your Data May Have Been Exposed

Microsoft warned thousands of Azure Cosmos DB users last week that their data may have been exposed through a recently discovered security flaw in Jupyter Notebook.

Microsoft Defender for Endpoint on Mac Getting Native M1-Chip Support

The Microsoft Defender for Endpoint on Mac security solution is now starting to get "native" agent support for running on Apple M1 chip-based devices, Microsoft announced this week.

Microsoft Clarifies Windows 11 Processor Requirements

Microsoft further described Windows 11 hardware requirements, providing an update on questions about possible seventh-generation processor support.

Microsoft Embracing Native QUIC in Newer Windows OSes and Edge Browser

Microsoft this week described QUIC, an Internet transport layer protocol alternative to the venerable Transmission Control Protocol (TCP), in an announcement.

Microsoft Pledges $20B Cybersecurity Investment After White House Talk

Big tech companies pledged money and efforts following an Aug. 25 Biden administration meeting on U.S. cybersecurity initiatives, as described in this White House announcement.

Microsoft Urges Patching Exchange Server To Avoid ProxyShell Attacks

The Exchange team at Microsoft posted an announcement on Wednesday acknowledging "ProxyShell" threats and urging organizations to keep Exchange Server up to date with the latest cumulative updates and security updates.

Power Apps Users Inadvertently Exposed 38M Personal Info Records

Business and government application developers inadvertently exposed a total of 38 million records because of Microsoft's design of its Power Apps application-building service.

ProxyShell Exchange Server Flaw Getting Used for Ransomware Attacks

Security researchers are seeing the appearance of LockFile ransomware deployments after attackers gained access to Exchange Server via a so-called "ProxyShell" vulnerability.

Windows Server 2022 Quietly Reaches 'General Availability' Release Stage

Windows Server 2022 reached the "general availability" (GA) commercial-release stage on Aug. 18, and a possibly working ISO is now at the Microsoft Volume License Service Center.

Azure Virtual Desktop Adds Windows 11 Preview Option

The Azure Virtual Desktop service now offers the choice of using the Windows 11 operating system at the preview stage.

Microsoft Cloud Katana Released as Open Source for Testing Cloud Security

Microsoft announced on Thursday that it is releasing Cloud Katana as an open source code project for assessing "security controls in the cloud and hybrid cloud environments."

Office 365 and Microsoft 365 Subscription Costs Going Up Next March

Microsoft on Thursday announced plans to increase subscription costs for Office 365 and Microsoft 365 business users, starting on March 1, 2022.

PetitPotam NTLM Relay Attacks Flagged by Microsoft Defender for Identity

Microsoft explained "PetitPotam" NTLM relay attacks in a Wednesday announcement, while also suggesting that its Microsoft Defender for Identity product was capable of identifying such attack attempts.

Microsoft 'Azure Government Top Secret' Goes GA

Microsoft's unique cloud instance for U.S. government agencies and their solution providers known as Azure Government Top Secret became generally available this week, the company announced.

Windows Print Spooler Flaws Leveraged in Ransomware Attacks

Security researchers last week described ransomware perpetrators incorporating Windows "PrintNightmare" exploits in their attacks.

Another Windows Print Spooler Vulnerability Disclosed by Microsoft

Microsoft on Wednesday published a "Security Update Guide" notice on another Windows print spooler vulnerability, namely CVE-2021-36958.

Attackers Now Scanning for 'ProxyShell' Vulnerabilities in Exchange Server

Recent scanning for a "Critical" remote code execution vulnerability (CVE-2021-34473) in Exchange Server, dubbed "ProxyShell," has been detected by security researchers.

Microsoft Addresses June Patch Glitch, and Starts Bundling SSUs with LCUs for Windows 10

Microsoft on Tuesday announced the release of a "standalone" servicing stack update (SSU) for Windows 10 systems to address a patching problem that had affected some organizations trying to apply a June security update.

Microsoft Buys Peer5 To Bolster Teams Video Streaming

Microsoft announced on Tuesday the acquisition of Peer5 with the aim of improving "large-scale live video streaming" in Microsoft Teams.

Microsoft Previews Early Ransomware Detection in Azure Sentinel

Microsoft is previewing early detection capabilities for spotting ransomware campaigns using its Azure Sentinel security information event management (SIEM) solution.