Microsoft
Microsoft | News, how-tos, features, reviews, and videos
Microsoft fixes bypass for critical Outlook zero-click flaw patch
Microsoft rates the new Outlook vulnerability as medium severity, but Akamai researchers say it should be higher.
Microsoft patches vulnerability used in Nokoyawa ransomware attacks
The vulnerability identified as CVE-2023-28252 is a privilege escalation flaw affecting the Windows Common Log File System driver.
Managing security in the cloud through Microsoft Intune
Microsoft’s cloud-based endpoint management service extends Active Directory features to Microsoft Azure cloud.
As critical Microsoft vulnerabilities drop, attackers may adopt new techniques
As critical Microsoft software vulnerabilities decline, attackers will need to chain together less severe exploits to achieve code execution, elevate system privilege levels, and move around victim networks.
Two Patch Tuesday flaws you should fix right now
Vulnerabilities affecting both Outlook for Windows and Microsoft SmartScreen were patched recently — both could have wide-ranging impact.
Microsoft Intune Suite consolidates endpoint management and protection
Intune Suite will streamline endpoint management with added features for controlled and secure access.
Microsoft tells Exchange admins to revert previously recommended antivirus exclusions
The antivirus exclusion might cause Exchange Server failures or prevent the detection of backdoors planted by attackers.
Why you might not be done with your January Microsoft security patches
Microsoft released a flurry of security patches and updates in January, so it would be easy to overlook these two.
Attackers move away from Office macros to LNK files for malware delivery
Barriers that Microsoft has placed to prevent malicious macros has forced some cybercriminals to use LNK files for malware delivery, but at the cost of easier detection.
Why it's time to review your on-premises Microsoft Exchange patch status
Microsoft's recent Patch Tuesday addressed some Exchange Server vulnerabilities, but other steps might be needed to fully secure it.
Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it
Understand why ProxyNotShell is different from Proxyshell and why mitigation advice has changed.
Microsoft's rough 2022 security year in review
The ubiquity of Microsoft technology in organizations big and small make it a target for attack. These are the most important vulnerabilities and fixes from 2022 that admins need to know.
Attacks using Office macros decline in wake of Microsoft action
Researchers see 66% decline in attacks over eight months since Microsoft turned off macros by default.
How to manage Microsoft's Excel and Office macro blocking
Microsoft's reversal of its blocking by default on Excel macros creates an opportunity to improve policies and processes around Excel and Office macro use.
Best practices for deploying multi-factor authentication on Microsoft networks
Microsoft will soon mandate MFA for some customers, and these are the key considerations before you deploy it.
Microsoft security vulnerabilities drop after five-year rise
While elevated privilege attacks remain a critical security concern when using Microsoft products, a new report says that the raw number of vulnerabilities is dropping.
Protecting on-premises Microsoft servers
Many organizations still have on-premises Microsoft Exchange, SharePoint, or Office servers with inadequate protections.
Microsoft touts first PCs to ship natively with secure Pluton chip
Along with thwarting malware, the Pluton chip handles BitLocker, Windows Hello, and System Guard and might help prevent physical insider attacks. The technology is also being used in Azure Sphere in the cloud.