Security


Windows Update Classifications Can Cause Orgs To Miss Fixes to Bad Patches

Organizations using Microsoft's tools to manage Windows updates could be missing out on early fixes to problems because of the way Microsoft classifies its updates.

NSA Offers Guide on Speculative Execution Side-Channel Attacks

The U.S. National Security Agency issued updated guidance late last month on the various speculative execution side-channel flaws that open up all systems using modern processors to potential attacks.

Man Suit

Microsoft 365 Users Getting a Bunch of Security and Compliance Perks

Microsoft announced a number of security and compliance improvements that mostly apply to users of its Microsoft 365-licensed products.

Information Disclosure Flaws Found in Cisco Small Business Routers

Cisco acknowledged vulnerabilities in two of its small business router products last week that could lead to information disclosures.

US-CERT Highlights Exchange Server Flaw Enabling Escalation-of-Privilege Attacks

The U.S. Computer Emergency Readiness Team this week noted that Exchange Server versions from Exchange Server 2013 on up have a vulnerability that could permit the impersonation of any user, leading to "control of an affected system."

Microsoft Previews One-Time Passcodes in Azure AD B2B Service

Microsoft added a preview feature to its Azure Active Directory Business to Business (B2B) service that makes it easier for business partners to gain access to an organization's network resources.

Microsoft Drops 'Preview' Label from Week 4 .NET Framework Updates

Microsoft announced a subtle change to its .NET Framework patch labeling earlier this week that's notable for IT pros handling the monthly patching of Windows 10 and Windows Server 2019 environments.

Windows 7 To Fall Out of Support in One Year

January 14 marks a one-year period before the end of support for Windows 7.

Windows 7 File Share and Connection Problems Traced to January Patch KB4480970

Windows 7 was a notable victim of this month's "update Tuesday" security patch releases by Microsoft, according to various accounts.

Microsoft Delivers Mild January Security Patch Bundle

Microsoft offered a relatively mild "update Tuesday" bundle of security fixes in its January release this month.

Exchange Online Forensics Now Bolstered by Session ID Info

Organizations using the Exchange Online e-mail messaging service now are getting the ability to use session ID information in Exchange Online audit logs to better detect attacks.

New Microsoft 365 Security and Compliance Offerings Arriving Next Month

Two new Microsoft 365 service bundles will be available next month, with one focused on security and the other on compliance.

Sign

2018 Microsoft Predictions Revisited

From guessing the fate of Windows 10 S to predicting Microsoft's next big move with Linux, Brien's predictions from a year ago were on the mark more than they weren't.

Microsoft Now Supports OpenSSH in Windows Server 2019

Microsoft announced on Tuesday that the OpenSSH solution used for remote management is now a supported "Features on Demand" addition in both Windows 10 version 1809 and Windows Server 2019.

Microsoft's December Security Patches Includes Fixes for Two Active Exploits

Microsoft ended the patch year on Tuesday with a whimper of sorts, releasing an estimated 39 security fixes in its December bundle plus one security advisory, according to a count by Trend Micro's Zero Day Initiative.

Microsoft 365 Insider Test Program Emerges for Organizations

Microsoft has started a new Microsoft 365 Insider Program for organizations to test its software, but the program's name and scope could be changing.

IT Pros: Don't Forget To Protect Your Personal Security

Don't be the IT pro who spends way too many hours each day keeping their users secure only to neglect their own home networks. Brien describes the two steps he took to avoid this trap.

Upgrades Recommended To Address Critical Kubernetes Flaws

Kubernetes deployments have "Critical" flaws that could permit information disclosures, according to a Kubernetes announcement.

Microsoft Restores Azure Multifactor Authentication Service Yet Again

Microsoft apparently has addressed an Azure multifactor authentication (MFA) service outage for the second time in as many weeks.

Microsoft Suggests Windows 10 FIDO2 Support Starting To Come of Age

Microsoft indicated that it's possible now to use devices based on the Fast IDentity Online 2.0 protocol with a Microsoft account and Windows 10 version 1809, obviating the need for a password.

Subscribe on YouTube

Upcoming Training Events

0 AM
Live! 360 Orlando
November 17-22, 2024
TechMentor @ Microsoft HQ
August 11-15, 2025