Security

LATEST

Windows 11 New Features, Release Date and System Requirements

Windows 11 is generally available this week on October 5th. But while some have dismissed it as just Windows 10 with a fresh coat of paint, there are changes that Microsoft says lead to improved performance, reliability, and security. In this article, I’m going to look at Windows 11’s new features and how Microsoft’s new…

View Article

What’s New with Azure – September 2021

Microsoft recently announced that their Ignite (online only) conference will be running again on November 2-4. That means we are approaching peak season for announcements, new public preview releases, and general availability. “Q3” in announcements and roadmaps will often mean between early September and maybe the third week of October – a code freeze will…

View Article

How to Mitigate Microsoft Exchange Autodiscover Protocol Flaw That Leaks User Credentials

In this article, I explain how the recently discovered flaw in the Exchange Server Autodiscover protocol can leak user credentials. And how to mitigate the issue in your environment. Microsoft Exchange Server Autodiscover protocol leaks thousands of user credentials Researchers at security company Guardicore have released details of a security issue in the Autodiscover protocol…

View Article

How to Customize Endpoint Security Settings in Microsoft Intune

In this article, I’m going to show you how to customize endpoint security settings in Microsoft Intune. Including how to change security baseline settings, how to make sure devices are running a specific operating system version (or later), and how to configure Windows and iOS disk encryption settings. Microsoft provides a series of recommended security…

View Article

Patch Tuesday September 2021 – Microsoft fixes MSHTML Zero-Day and Apple Blocks NSO Group Surveillance Spyware

This month, Microsoft released a fix for the MSHTML zero-day that emerged earlier in September. And it fixes a serious remote code execution bug in the WLAN AutoConfig service. There’s also a fix for a serious bug in Apple iOS. So, let’s get started! Microsoft fixes MSHTML zero-day Earlier this month, Microsoft released a security…

View Article

Microsoft Brings Passwordless Sign-In to Consumer Accounts

Back in March 2021, Microsoft introduced a passwordless sign-in experience for work or school accounts. With the help of the Microsoft Authenticator app, Windows Hello, or FIDO2 security keys, corporate users can sign into services connected to Azure Active Directory (AD), like Microsoft 365, without needing to remember their account password. Microsoft has been pushing…

View Article

Microsoft Provides Temporary Fix for Office 365 Zero-Day

September 7th, Microsoft released a security advisory for a remote code execution vulnerability (CVE-2021-40444) in Microsoft MSHTML, the rendering engine that Office apps use in Windows to display web content. Microsoft says that it is investigating reports of targeted attacks that try to exploit the MSHTML flaw using specially designed Microsoft Office files. The announcement…

View Article

Microsoft Releases Emergency Update to Patch PrintNightmare Vulnerability

Microsoft has released an out-of-band patch that will plug up a hole in a known zero-day exploit. Known as PrintNightmare, the patch is now being released via Windows Update. At the heart of the issue is a remote code vulnerability that would allow an attacker to use Windows Print Spooler to perform privileged file operations….

View Article

Everything You Need to Know About Azure Infrastructure – May 2021 Edition

Microsoft’s Build conference was on last week and it gave us lots of AI, Machine Learning, and every other type of “machines doe it better” cloud tech announcements. But there were also a few infrastructure announcements during the month. I’ve become the “Azure networking” person at my job, so it’s no surprise (to me) that…

View Article

Microsoft Azure Sentinel gets SAP Support, Plus UEBA and Entity Pages Reach GA

Last week Microsoft announced improvements to its cloud-native SIEM product, Azure Sentinel. In an effort to make Sentinel more efficient for Security Operations (SecOps) teams, Microsoft has improved the quality of rules and includes more innate intelligence out-of-the-box. There’s also built-in support for SAP in preview. Plus, other features like UEBA and entity pages, which…

View Article
Go to page