Microsoft released security patches on "update Tuesday" to address 64 common vulnerabilities and exposures (CVEs), which were typically associated with products like Windows, Office services and Microsoft's browsers.
Google on Thursday described two "zero-day" vulnerabilities affecting both the Google Chrome browser and Windows 7 systems that are being actively used in targeted attacks.
With Office 365 emerging as a big target for today's hackers, it's important to know how your organization's security measures up.
Microsoft added a few improvements to Azure Firewall, its firewall-as-a-service security offering for organizations using Azure virtual machines.
The World Wide Web Consortium (W3C) announced on Monday that the Web Authentication (WebAuthn) specification is now considered to be an official W3C standard, which likely will accelerate passwordless authentications for Web transactions.
Microsoft plans to start selling its Windows 7 Extended Security Updates plan to organizations on April 1, 2019, according to a Friday announcement.
Metadata can say a lot about a given document -- as well as the document's creator. Here's how to manage what types metadata appear in your Office documents to protect your security while still giving useful information.
The Windows Defender Advanced Threat Protection service can now be used to help address security issues with Windows 7 and Windows 8.1 clients.
Microsoft issued Security Advisory ADV190005 on Wednesday concerning a potential HTTP/2 settings issue for users of Internet Information Services (IIS) on Windows Server.
Microsoft on Friday described its 2019 timeline for when it will start distrusting Secure Hash Algorithm-1 (SHA-1) in supported Windows systems, as well as in the Windows Server Update Services 3.0 Service Pack 2 management product.
This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.
Microsoft on Friday issued an advisory for Windows 10 version 1809 users about possible Visual Studio crashes.
Microsoft's February "update Tuesday" release was notable for delivering major security updates and architectural changes to all supported Exchange Server products, along with a "zero-day" IE patch.
Microsoft took the rare step of announcing the release of Exchange Server quarterly updates that will include "critical security" fixes, while also changing the architectures of all supported Exchange Server products.
Microsoft on Monday touted its Azure Advanced Threat Protection (ATP) service as being capable of alerting organizations when they are subject to NT LAN Manager (NTLM) relay attacks.
Buggy patches are all but inevitable -- especially, it seems, if they're from Microsoft. Maybe the old wait-and-see approach to Office patching is worth a second look.
Microsoft has been adding to its Azure Active Directory capabilities in recent weeks.
Microsoft on Monday issued Security Advisory ADV190007 concerning an elevation-of-privilege vulnerability that's present in most Exchange Server versions.
Organizations using Microsoft's tools to manage Windows updates could be missing out on early fixes to problems because of the way Microsoft classifies its updates.
The U.S. National Security Agency issued updated guidance late last month on the various speculative execution side-channel flaws that open up all systems using modern processors to potential attacks.