News


Windows 365 Getting Preview of Azure Active Directory Join Capability

Organizations using the Windows 365 service's Enterprise edition soon will be getting the ability to create Azure Active Directory joins for Cloud PCs, according to a Wednesday Microsoft announcement.

Microsoft Addresses 50 Vulnerabilities in February Security Patch Release

Microsoft released February security patches on Tuesday, addressing perhaps around 50 or so common vulnerabilities and exposures (CVEs).

Microsoft Clarifies MSIX App Installer December Security Issue

Microsoft reiterated on Friday that a flaw in an application installer component used with its MSIX app packager has been abused by malware, and temporary measures should be followed until there's a fix.

Nvidia's $40B Proposed Acquisition of Arm Shuts Down

The proposed $40 billion sale of chip-designer Arm to Nvidia was shut down by the two parties, citing regulatory objections.

Office Macro Blocking by Default Coming This Year for Some Windows Users

Microsoft announced on Monday that it will be bringing a new default for Windows Office users that is said to "block Internet macros by default."

Microsoft Viva Gains Ground After 1 Year

Microsoft Viva hit its one-year anniversary since its debut, and now is used by "more than 10 million monthly active users," according to a Friday Microsoft announcement.

Microsoft Credits Multifactor Authentication in Blocking Second-Stage Phishing Attacks

Microsoft explained last week that it is seeing multiphase phishing attacks getting tried that could be successful against organizations that haven't implemented multifactor authentication (MFA).

Exchange Online Getting Better E-Mail Tampering Security Protections

Exchange Online users soon will be getting some security enhancements that will enforce the use of Transport Layer Security (TLS) encryption for e-mails and ward off so-called "man-in-the-middle" attacks.

Microsoft Sentinel Adds GitHub Code Repository Monitoring

Microsoft announced on Wednesday that it's now possible to use Microsoft Sentinel to continuously monitor GitHub developer repositories for possible adverse activities.

Report: 1 in 7 Ransomware Attacks Expose Critical Enterprise Information

A recent security report found that the threat of ransomware attacks aimed at organizations resulting in critical operational technology (OT) information being leaked is on the rise.

Windows Devices Need 2 Hours of Continuous Connectivity for Update Compliance

Microsoft last week informed IT pros that Windows machines need to be powered up for at least two continuous hours, and connected to the Internet, to be maintained in a properly updated state.

Microsoft Teams Gets External Chat Enhancements, Equipment Recycling and New IT Controls

Microsoft recently made a few Teams announcements of note.

Top 10 In-Depth Articles of 2021

Take a look back at the best columns from our experts that broke down some of the bigger Microsoft stories and provided invaluable IT tips and advice.

Top 10 Microsoft IT Headlines of 2021: PrintNightmare Becomes a Reality

Even during a year where Microsoft dropped a new OS, security issues, highlighted by the "PrintNightmare" spooler vulnerability, dominated the conversation.

Top 10 IT Security Headlines of 2021: The Vulnerabilities We Spent Worrying About

Let's take a look back at our year of vulnerability exposures, reactionary patches and losing sleep over what security hole would emerge tomorrow.

Microsoft Sentinel Gets Log4j Exploit Detector Preview

Microsoft added a preview solution in Microsoft Sentinel that helps IT pros find signs of Log4j exploits, according to a Thursday announcement and Twitter post.

Windows Terminal Becoming Default Console in Windows 11

Microsoft indicated plans to make its open source Windows Terminal app the default command-line console in Windows 11, along with opening the operating system up to using other consoles by default.

Log4j Attack Methods Explained by CrowdStrike

CrowdStrike on Thursday presented advice for organizations attempting to address a security vulnerability in the Log4j Java logging framework used in Apache Web servers, currently undergoing widespread exploitation.

Widespread Log4j Remote Code Execution Vulnerability Could Affect Millions

Log4j, a widely used open-source Java logging library, has a critical-remote code execution (RCE) vulnerability that is currently being leveraged in malicious attacks.

Microsoft December Security Patches Arrive, but Log4j Takes Center Stage

Microsoft on Tuesday released security patches for 67 common vulnerabilities and exploits, even as organizations are scrambling to address a Log4j flaw in Apache servers that's under active exploit.

Subscribe on YouTube