Security


Attack Surface Analyzer 2.0 Available for Checking Software Installs

Microsoft this week described Attack Surface Analyzer 2.0, an updated tool for checking software installations that's now built using open source code.

Microsoft Touts Using HyperClear To Address Intel Processor Woes

Microsoft is again promoting its HyperClear Hyper-V hypervisor technology as a potential balm for organizations trying to come to grips with Intel's latest speculative execution side-channel attack disclosures.

Microsoft's May Patches Arrive Along with Intel Fixes for New Processor Flaws

Microsoft released its May security updates on "update Tuesday," but a patching vortex also opened up as Intel disclosed new processor vulnerabilities.

SharePoint Servers Now Actively Targeted by CVE-2019-0604 Exploit

A "Critical"-rated vulnerability in SharePoint Server versions that Microsoft issued a patch for back in March is now getting actively targeted, according to some security authorities.

Microsoft Offers IT Pro Security Tips and Gets Windows Hello FIDO2 Certification

Microsoft this week laid out security advice for organizations, which included some best-practice guidelines for IT pros.

Office 365's Phishing Problem Goes Deeper

A recent report suggests that Microsoft's own e-mail security protections have trouble differentiating between real and fraudulent messages from itself.

Microsoft Declares 'General Availability' of Threat Experts Security Service

Microsoft announced this week that part of its new threat-hunting service for organizations has reached the "general availability" (GA) commercial release stage.

Microsoft Defines New Privacy Controls for Office 365 ProPlus Users

Microsoft announced this week that it will be reorganizing its Office 365 ProPlus privacy controls with an aim toward becoming more "transparent" about the information it collects.

Microsoft Adding Office 365 Security and Compliance Capabilities

Microsoft on Tuesday announced various Office 365 security and compliance improvements, mostly for Microsoft 365 subscribers.

Microsoft and Docker Describe Container Security After 190,000 Accounts Exposed

Microsoft indicated that its container images hosted on Docker Hub weren't compromised by a security breach that was discovered by Docker last week.

Microsoft Drops Password Expirations from Windows Security Baseline Advice

Microsoft wants to drop recommending policies that enforce periodic password expirations on users of Windows systems.

Kaspersky Lab Nabs Another Windows Zero-Day

Kaspersky Lab this week described more about a zero-day Windows vulnerability (CVE-2019-0859) that its researchers recently discovered, and how PowerShell was used by the exploit.

Microsoft Admits to 3-Month Consumer E-Mail Breach

Microsoft on Friday sent letters to some of its e-mail users that their accounts may have been accessed by "individuals outside Microsoft" over the past three months.

U.S. CERT Issues Advisory on VPN Apps

The United States Computer Emergency Readiness Team issued an alert this week about the improper storage of session data by virtual private network applications.

Support Ending in July for SCCM 2007 and Forefront Endpoint Protection 2010

Microsoft published a notice on Wednesday that System Center Configuration Manager 2007 (SCCM) and Forefront Endpoint Protection 2010 (FEP) both will fall out of support on July 9, 2019.

Microsoft's April Security Patch Bundle Released

Microsoft announced the release of its April security patches on Tuesday, addressing 74 unique vulnerabilities.

Yellow Fence Graphic

Microsoft Finally Lets Windows Defender Protect Itself

A recently added "tamper protection" feature finally corrects an obvious security gap in Microsoft's anti-malware solution.

Microsoft Goes Live with Password Protection for Azure AD Users

Microsoft's Azure Active Directory Password Protection feature is now deemed ready for deployment by organizations, having reached "general availability" status, according to Microsoft's announcement on Tuesday.

Microsoft Releases Configuration Manager Update 1902, Plus Security and Compliance Tools

Microsoft this week announced release milestones for some of its management, security and compliance tools.

Red Shapes

Asus Computers Targeted for Attack Using Compromised Update Software

Software security firm Kaspersky Lab announced that Asus computer users were targeted last year with malware via Asus' update utility in a so-called "supply-chain attack."

Subscribe on YouTube

Upcoming Training Events

0 AM
Live! 360 Orlando
November 17-22, 2024
TechMentor @ Microsoft HQ
August 11-15, 2025