Security


Man Suit

Microsoft 365 Users Getting a Bunch of Security and Compliance Perks

Microsoft announced a number of security and compliance improvements that mostly apply to users of its Microsoft 365-licensed products.

Information Disclosure Flaws Found in Cisco Small Business Routers

Cisco acknowledged vulnerabilities in two of its small business router products last week that could lead to information disclosures.

US-CERT Highlights Exchange Server Flaw Enabling Escalation-of-Privilege Attacks

The U.S. Computer Emergency Readiness Team this week noted that Exchange Server versions from Exchange Server 2013 on up have a vulnerability that could permit the impersonation of any user, leading to "control of an affected system."

Microsoft Previews One-Time Passcodes in Azure AD B2B Service

Microsoft added a preview feature to its Azure Active Directory Business to Business (B2B) service that makes it easier for business partners to gain access to an organization's network resources.

Microsoft Drops 'Preview' Label from Week 4 .NET Framework Updates

Microsoft announced a subtle change to its .NET Framework patch labeling earlier this week that's notable for IT pros handling the monthly patching of Windows 10 and Windows Server 2019 environments.

Windows 7 To Fall Out of Support in One Year

January 14 marks a one-year period before the end of support for Windows 7.

Windows 7 File Share and Connection Problems Traced to January Patch KB4480970

Windows 7 was a notable victim of this month's "update Tuesday" security patch releases by Microsoft, according to various accounts.

Microsoft Delivers Mild January Security Patch Bundle

Microsoft offered a relatively mild "update Tuesday" bundle of security fixes in its January release this month.

Exchange Online Forensics Now Bolstered by Session ID Info

Organizations using the Exchange Online e-mail messaging service now are getting the ability to use session ID information in Exchange Online audit logs to better detect attacks.

New Microsoft 365 Security and Compliance Offerings Arriving Next Month

Two new Microsoft 365 service bundles will be available next month, with one focused on security and the other on compliance.

Sign

2018 Microsoft Predictions Revisited

From guessing the fate of Windows 10 S to predicting Microsoft's next big move with Linux, Brien's predictions from a year ago were on the mark more than they weren't.

Microsoft Now Supports OpenSSH in Windows Server 2019

Microsoft announced on Tuesday that the OpenSSH solution used for remote management is now a supported "Features on Demand" addition in both Windows 10 version 1809 and Windows Server 2019.

Microsoft's December Security Patches Includes Fixes for Two Active Exploits

Microsoft ended the patch year on Tuesday with a whimper of sorts, releasing an estimated 39 security fixes in its December bundle plus one security advisory, according to a count by Trend Micro's Zero Day Initiative.

Microsoft 365 Insider Test Program Emerges for Organizations

Microsoft has started a new Microsoft 365 Insider Program for organizations to test its software, but the program's name and scope could be changing.

IT Pros: Don't Forget To Protect Your Personal Security

Don't be the IT pro who spends way too many hours each day keeping their users secure only to neglect their own home networks. Brien describes the two steps he took to avoid this trap.

Upgrades Recommended To Address Critical Kubernetes Flaws

Kubernetes deployments have "Critical" flaws that could permit information disclosures, according to a Kubernetes announcement.

Microsoft Restores Azure Multifactor Authentication Service Yet Again

Microsoft apparently has addressed an Azure multifactor authentication (MFA) service outage for the second time in as many weeks.

Microsoft Suggests Windows 10 FIDO2 Support Starting To Come of Age

Microsoft indicated that it's possible now to use devices based on the Fast IDentity Online 2.0 protocol with a Microsoft account and Windows 10 version 1809, obviating the need for a password.

Microsoft Issues Security Advisory on Solid-State Drive Hardware Encryption

Microsoft issued security advisory ADV180028 on Tuesday for computer users that have self-encrypting solid-state drives (SSDs) that are ostensibly protected by Microsoft's BitLocker encryption scheme.

Microsoft Revises October Deadline on Using TLS 1.0 and 1.1 in Office 365

Microsoft recently clarified its previously declared position that it had planned to drop support for Transport Layer Security (TLS) 1.0 and 1.1 protocols used with Office 365 services by the end of this month.

Subscribe on YouTube

Upcoming Training Events