12 C
London
Saturday, September 23, 2017
Home Tags Microsoft Security

Tag: Microsoft Security

Researchers at both conferences demonstrated workarounds and flaws in applications and services including Office 365, PowerShell, Windows 10, Active Directory and Windows BITs.
Microsoft Security Risk Detection leverages artificial intelligence to root out bugs in software before it's released.
Microsoft extends its monthly security updates to respond to a rise in cyberattacks and fix serious flaws in Windows XP and Windows Server 2003.
Friday May 12th marked the start of the dizzying madness that has been ‘WannaCryrsquo;, the largest ransomware infection in history.

Defenders have been running around trying to understand the malwarersquo;s capabilities.
In the process, a lot of wires have gotten crossed and we figured itrsquo;s time to sit down and set the record straight on what we know, what we wish we knew, and what the near future might hold for us going forward.
Microsoft gets a lukewarm response with its new Microsoft Security Guides that replaced Security Bulletins.
PCs can be compromised when Defender scans an e-mail or IM; patch has been issued.
It’s like Pepsi declaring that Coke just won a taste test: Google Project Zero security researchers discovered a security hole in Microsoft’s Malware Protection Engine, and two days later the Microsoft Security Response Center not only fixed the bug but also rolled out the update through the usual Windows Defender update mechanism.The bug in the main Windows Defender program was described in Security Advisory 4022344.

Chances are good your Windows computer got the fix last night.[ InfoWorld’s deep look: Why (and how) you should manage Windows 10 PCs like iPhones. | The essentials for Windows 10 installation: Download the Windows 10 Installation Superguide today. ]Google Project Zero security researchers Tavis Ormandy and Natalie Silvanovich are credited with discovering the vulnerability. Ormandy tweeted that the security hole was “the worst Windows remote code exec in recent memory… crazy bad.”To read this article in full or to leave a comment, please click here
The point of antivirus is to keep malware off the system.

A particularly nasty software flaw in Microsoft’s antivirus engine could do the exact opposite and let attackers install malware on vulnerable systems. The critical security vulnerability in the Microsoft Malware Protection Engine affects a number of Microsoft products, including Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Forefront Security for SharePoint, Microsoft Endpoint Protection, and Microsoft Forefront Endpoint Protection.

These tools are enabled by default in Windows 8, 8.1, 10, and Windows Server 2012.To read this article in full or to leave a comment, please click here
Microsoft on Friday said it had patched most of the Windows vulnerabilities purportedly exploited by the National Security Agency (NSA) using tools that were leaked last week.The Windows flaws were disclosed by the hacking gang Shadow Brokers in a l...
Microsoft OLE uses the URL Moniker to open application data based on the server-provided MIME type,which can allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system.
Benign and fine but alarms do double-time Enterprises were faced with all sorts of inconvenience on Friday after a Microsoft security tool incorrectly flagged up benign files as infected with a worm.…
A surprise announcement yesterday afternoon rattled Microsoft customers: Patch Tuesday is officially being delayed for a month.Microsoft is being close-mouthed.

A curt, unsigned post on the Microsoft Security Resource Center TechNet blog simply states: "UPDATE: 2/15/17: We will deliver updates as part of the planned March Update Tuesday, March 14, 2017."[ InfoWorld's deep look: Why (and how) you should manage Windows 10 PCs like iPhones. | The essentials for Windows 10 installation: Download the Windows 10 Installation Superguide today. ]Microsoft started documenting its security patches with Security Bulletins in 1998, but the patches arrived at random.
Steve Ballmer announced the Patch Tuesday protocol on Oct. 9, 2003 to “reduce the burden on IT administrators by adding a level of increased predictability and manageability.” Starting with MS03-041, security patches were generally held until the second -- sometimes third or fourth -- Tuesday of the month.To read this article in full or to leave a comment, please click here