How To (Safely) Run Untrusted Applications in Windows 10

The new Sandbox feature in Windows 10 lets organizations run potentially risky executables in isolation, without having to set up a virtual machine.

Remote Desktop Protocol Is a Big Target for Attackers, Study Finds

Remote Desktop Protocol is an easy-to-find and popular target for remote attackers, according to a recent study conducted by Sophos.

Microsoft Lists Some Organizational Obstacles to Eliminating Passwords

Organizations wanting a future without passwords will likely face some hurdles getting there, Microsoft admitted in an announcement this week.

Gray Fence Graphic

Windows Defender Application Guard: First Look

Of the many security improvements Microsoft made to the latest Windows 10 release, the ability to wall-off the Edge browser against malware attacks is one of the most critical.

Microsoft Previews Azure Active Directory FIDO2 Sign-Ins Without Passwords

Microsoft on Wednesday announced the availability of a public preview of Azure Active Directory's FIDO2 support, which enables user authentications without passwords.

SQL Server 2008/R2 No Longer Getting Security Patch Support

Microsoft issued some reminders this week that July 9, 2019, is the last day of patch support for SQL Server 2008 and SQL Server 2008 R2.

Microsoft July Security Release Addresses 16 Critical Vulnerabilities

Microsoft on Tuesday released its July security patch bundle, which addresses about 77 common vulnerabilities and exposures across various Microsoft products.

Microsoft Isn't Patching Excel Dynamic Data Exchange Attack Vulnerability

The Microsoft Excel spreadsheet program, in combination with its Power Query data-fetching component, can be leveraged in so-called "Dynamic Data Exchange" (DDE) types of attacks.

Cloud Services Use on the Rise But Security Concerns Remain

A recently published industry report suggested that use of public cloud services by organizations may nearly double in the next two years.

OneDrive Users To Get Storage Options, Plus New Personal Vault

Microsoft announced a few OneDrive enhancements, including storage-option additions, plus a new "Personal Vault" feature for added security assurance.

Microsoft Suggests Disabling Old Protocols with Exchange Server 2019

Exchange Server 2019 with Cumulative Update 2 (CU2) can help organizations rid themselves of old authentication protocols, which constitute a potential security risk.

Microsoft Previews Azure Bastion Service for Private VM Access

Microsoft on Tuesday announced a preview of the Azure Bastion service, which lets a user connect to an Azure virtual machine (VM) using a private Internet connection.

RAMBleed Side-Channel Attack Method Disclosed by Researchers

Academic researchers this week published information about another side-channel attack method, called "RAMBleed," that can expose information from memory chips, including encryption key information.

Microsoft 365 Business Tenants Getting Conditional Access and Trouble-Ticket Features

Microsoft added its conditional access security service to Microsoft 365 Business subscriptions, according to a Wednesday announcement, and it also added new trouble-ticket features for Microsoft 365 administrators.

Microsoft Delivers Hefty June Security Patch Bundle

Microsoft has released its monthly bunch of security patches for June, addressing 88 common vulnerabilities and disclosures (CVEs).

Blue Squares Graphic

U.S. National Security Agency Issues Advisory on 'BlueKeep' Windows RDS Flaw

The U.S. National Security Agency (NSA) has issued an advisory urging individuals and organizations to install Microsoft's May security patches.

Microsoft Urges Patching Windows RDS Vulnerability Yet Again

Microsoft again issued advice that its May security patches should be installed to prevent a "wormable" vulnerability in Remote Desktop Services from getting exploited by attackers.

Defending Against Office 365 Account-Takeover Attacks

With hackers infiltrating one in three Office 365 customers, an IT pro's best bet is to be suspicious of almost everything.

Microsoft Expands Azure AD Password Lengths, Adds Conditional Access Controls

Microsoft announced a couple of Azure Active Directory enhancements this week regarding password lengths and new conditional access controls for IT pros.

Attack Surface Analyzer 2.0 Available for Checking Software Installs

Microsoft this week described Attack Surface Analyzer 2.0, an updated tool for checking software installations that's now built using open source code.

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.