Buggy patches are all but inevitable -- especially, it seems, if they're from Microsoft. Maybe the old wait-and-see approach to Office patching is worth a second look.
Microsoft has been adding to its Azure Active Directory capabilities in recent weeks.
Microsoft on Monday issued Security Advisory ADV190007 concerning an elevation-of-privilege vulnerability that's present in most Exchange Server versions.
Organizations using Microsoft's tools to manage Windows updates could be missing out on early fixes to problems because of the way Microsoft classifies its updates.
The U.S. National Security Agency issued updated guidance late last month on the various speculative execution side-channel flaws that open up all systems using modern processors to potential attacks.
Microsoft announced a number of security and compliance improvements that mostly apply to users of its Microsoft 365-licensed products.
Cisco acknowledged vulnerabilities in two of its small business router products last week that could lead to information disclosures.
The U.S. Computer Emergency Readiness Team this week noted that Exchange Server versions from Exchange Server 2013 on up have a vulnerability that could permit the impersonation of any user, leading to "control of an affected system."
Microsoft added a preview feature to its Azure Active Directory Business to Business (B2B) service that makes it easier for business partners to gain access to an organization's network resources.
Microsoft announced a subtle change to its .NET Framework patch labeling earlier this week that's notable for IT pros handling the monthly patching of Windows 10 and Windows Server 2019 environments.
January 14 marks a one-year period before the end of support for Windows 7.
Windows 7 was a notable victim of this month's "update Tuesday" security patch releases by Microsoft, according to various accounts.
Microsoft offered a relatively mild "update Tuesday" bundle of security fixes in its January release this month.
Organizations using the Exchange Online e-mail messaging service now are getting the ability to use session ID information in Exchange Online audit logs to better detect attacks.
Two new Microsoft 365 service bundles will be available next month, with one focused on security and the other on compliance.
From guessing the fate of Windows 10 S to predicting Microsoft's next big move with Linux, Brien's predictions from a year ago were on the mark more than they weren't.
Microsoft announced on Tuesday that the OpenSSH solution used for remote management is now a supported "Features on Demand" addition in both Windows 10 version 1809 and Windows Server 2019.
Microsoft ended the patch year on Tuesday with a whimper of sorts, releasing an estimated 39 security fixes in its December bundle plus one security advisory, according to a count by Trend Micro's Zero Day Initiative.
Microsoft has started a new Microsoft 365 Insider Program for organizations to test its software, but the program's name and scope could be changing.
Don't be the IT pro who spends way too many hours each day keeping their users secure only to neglect their own home networks. Brien describes the two steps he took to avoid this trap.