Windows Security

Windows Security | News, how-tos, features, reviews, and videos

Broken window with band-aid patch

Microsoft urges Windows customers to patch wormable RDP flaw

A newly found vulnerability allows remote exploits using the Remote Desktop Protocol to gain full access to systems with no authentication.

Windows security and protection [Windows logo/locks]

How to outwit attackers using two Windows registry settings

These Microsoft Windows registry settings will prevent attackers from scheduling tasks that will hide their activities or gain unauthorized access.

security firewall breach hacker privacy battle id work getty

How to enable the Windows Potentially Unwanted Application (PUA) feature

Turning on the PUA setting helps avoid users falling prey to malicious drive-by downloads.

patch on top of Windows logo

How to prep legacy Windows systems for the switch to SHA-2

Install these patches on Windows 7 and other legacy platforms now so you can continue to receive security updates.

Microsoft Office logo within an environment of abstract binary code with shield and lock.

Microsoft Office now the most targeted platform, as browser security improves

The number of attacks carried out using the popular suite has increased in the past two years, Kaspersky Lab researchers say.

Windows security and protection [Windows logo/locks]

How to protect yourself from PC hardware and hardware driver vulnerabilities

Attackers have hijacked PC motherboard update software and hardware drivers to install malware. Here's how to identify vulnerable systems and prevent driver-delivered malware.

deadline clock time speed analog clock by ryan mcguire gratisography

How and when to set Windows logging to UTC time

As networks become more distributed and cloud-based, you should consider changing servers to UTC time to ensure proper syncing. This will help with forensics investigations.

Microsoft Windows update arrows / progress bars

How to prepare for the Microsoft Windows 10 1903 security feature update

Microsoft is changing the way it does Windows 10 feature updates, and that will affect how you schedule update deferrals. Here's what you need to know.

clock on the processor of a circuilt board

How to time-sync Windows systems

Incorrect time on a Windows device or server can prevent security updates or user authentication, and it can interfere with a forensics investigation.

security audit - risk assessment - network analysis

How to audit Windows Task Scheduler for cyber-attack activity

Two recently discovered Windows zero-day attacks underscore the importance of monitoring for unauthorized tasks.

Microsoft Windows update arrows on laptop and mobile phone

Windows security updates that require new registry keys

Don't assume automated Windows security updates are complete. You might need to add registry keys manually. Here are a few to check now.

9 screen locking device lock down authentication

How to hack a smartcard to gain privileged access

Using smartcards in a Microsoft Active Directory environment makes them vulnerable to this privilege escalation attack.

login password - user permissions - administrative control

How to protect against poor Windows password practices

Employees will reuse passwords for work systems for their personal online accounts. Here's how to set up multifactor authentication in a Windows environment to reduce the risk of password compromise.

malware cybersecurity skull crossbone

Qbot malware resurfaces in new attack against businesses

This new persistent and difficult-to-detect Qbot version is designed to steal financial information.

11 event logging

How to install PowerShell 5 on Windows 7

Have older Windows systems on your network? You can give them PowerShell 5's event logging capabilities even if they run Windows 7.

a hooded figure targets a coding vulnerability

Are zero-day exploits the new norm?

Research from Microsoft's Matt Miller shows that every actively exploited Windows vulnerability in 2017 was first done using a zero-day attack. Other research shows this trend extends across the IT landscape.

meltdown spectre

How to update Windows 10 for side channel vulnerability fixes

Since Spectre and Meltdown were discovered in 2018, other side channel vulnerabilities have emerged. These are the mitigations to consider for each of them.

managed security service providers

How to prevent and recover from an APT attack through a managed service provider

Threat actors are compromising their targeted victims through managed service providers (MSPs). These are the steps to take to minimize your exposure and to recover from these attacks if necessary.

Windows security and protection [Windows logo/locks]

How to harden Windows 10 workstations and servers: Disable SMB v1

Early versions of Server Message Block are still present on many Windows networks and devices, leaving them open to attack. Here's how to detect and disable them.

spear fishing

How to defend Office 365 from spear-phishing attacks

A recent successful zero-day Flash attack began with a spear-phishing email. These Windows 10 and Office 365 settings could have prevented it.

Load More