Windows Security

Windows Security | News, how-tos, features, reviews, and videos

Microsoft Windows  >  Defending against attacks
Windows logo / life preserver / rescue / recovery / fix / resolve / solution

access control / authentication / privileges / security

Two tips to make multifactor authentication for Office 365 more effective

Here's how to set up "break glass" accounts for emergency admin access to Microsoft Office 365 and brand your Office 365 log-in page to foil fake pages.

An armored knight armor with halo and wings holds a shield, layered in Microsoft brand colors.

How to use Microsoft Compliance Score to improve data protection

The new Compliance Score console in Microsoft 365 offers templates and advice to help meet the ever-growing list of regulatory data protection and privacy rules.

targeted holiday attacks  >  a red bow impaled by a hook, surrounded by abstract binary code

How to protect your business from holiday attacks

Attackers see opportunity in the holidays, but these simple steps and considerations can help block their efforts.

browser security

How to secure your DNS traffic under Windows

DNS traffic is prone to snooping, and it’s often far too easy for attackers to hijack and change a company’s DNS settings. These simple steps will amp up your DNS protection.

Cryptojacking  >  Binary skull, code and bitcoin symbols invade systems as malware

Cryptominers and fileless PowerShell techniques make for a dangerous combo

This new dual-payload cryptojacking malware can disable Windows Antimalware Scan Interface and inject itself directly into memory of legitimate processes.

Laptop displaying the Microsoft logo and a laptop user beneath a digital 'Security' sign.

How to manage Windows 10 1903 and 1909 security updates

Your Windows update controls might be out of date if you haven't reviewed them since the 1803 update or earlier. Here are the new settings you need to know.

Windows logo / life preserver / rescue / recovery / fix / resolve / solution

How to build a Windows disaster recovery toolkit

Sooner or later, a security incident will shut down or disrupt your network. You'll be better prepared with these items in your disaster recovery toolkit.

ON-OFF  >  Pressing a power switch.

How to disable LLMNR in Windows Server

Link-Local Multicast Name Resolution is usually not needed in modern networks and leaves the door open to man-in-the-middle attacks. Here's how to shut it off.

A businessman interacts with a Microsoft-colored shield protecting network users + user groups.

How to audit permissions after a Windows migration

As companies move off Windows 7 and Server 2008, they run the risk of leaving dangerous access permissions behind. Here's how to find them.

Microsoft-based election, campaign systems

How to secure Microsoft-based election, campaign systems

Microsoft has issued guidance and provided resources for local election bodies and candidate campaigns to help protect systems and communications.

Lock + key securing abstract data with a Windows logo overlay.

How to protect and safely erase data on Windows devices

Microsoft's BitLocker now uses AES encryption, but will default to the storage device's hardware encryption unless you make this setting, which will also allow you to easily sanitize drives.

Email migration to Microsoft Outlook app on mobile email for smartphone user.

How to migrate smartphone users to the Outlook app with Intune

With the pending retirement of Microsoft Basic Authentication, the best way to protect mobile device users connecting through Exchange is to move them to Outlook.

Credential theft  > A thief steals a password.

How to detect and halt credential theft via Windows WDigest

Attackers can steal user credentials by enabling credential caching in the Windows authentication protocol WDigest. Here's how to stop them.

Virtual security technology focuses on the Microsoft Teams logo as someone uses her mobile phone.

Security and compliance considerations for Microsoft Teams

Admins will need to make these decisions around security and governance when porting from Office 365 Pro Plus to Microsoft Teams.

'NO' symbol [circle-backslash] and raised hand against a background of passwords / passcodes

How to disable legacy authentication in Microsoft Exchange to enable MFA

Microsoft recommends enabling multi-factor authentication for Office 365. To do so, you must also disable basic or legacy authentication on Microsoft Exchange Server.

Microsoft  >  RDP | Remote Desktop Protocol vulnerabilities  >  caution / danger / admin login

How to avoid using RDP on Windows

Several new vulnerability disclosures in Windows Remote Desktop Protocol suggest it’s time to stop using it where possible. Here’s how.

Windows security and protection [Windows logo/locks]

More critical Remote Desktop flaws expose Windows systems to hacking

Microsoft finds and fixes multiple RDS and RDP vulnerabilities in Windows, but new research on BlueKeep patch rates suggests many machines could remain exposed.

Identity access management  >  abstract network connections and circuits reflected in eye

How to check Privileged Identity management settings for Office 365

Microsoft Azure Privileged Identity Management (PIM) allows you to set administrative rights for roles on an as-needed basis, reducing risk.

Load More