microsoft – Page 10 – Computer Security Articles

MalwareBytes Security

July 12, 2023 admin

Update now! Microsoft patches a whopping 130 vulnerabilities

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: Adobe

Tags: Apple

Tags: Android

Tags: Cisco

Tags: Fortinet

Tags: MOVEit

Tags: Mozilla

Tags: SAP

Tags: VMware

Tags: CVE-2023-32049

Tags: CVE-2023-35311

Tags: CVE-2023-32046

Tags: CVE-2023-36874

Tags: CVE-2023-36844

For the July 2023 Patch Tuesday, Microsoft has issued security updates for 130 vulnerabilities, four of which are known to have been actively exploited.

MalwareBytes Security

June 23, 2023 admin

Microsoft Azure AD flaw can lead to account takeover

Categories: Exploits and vulnerabilities

Categories: News

Tags: OAuth

Tags: nOAuth

Tags: IdP

Tags: Azure

Tags: Microsoft

Tags: login with

Researchers have found a flaw in Microsoft Azure AD which they claim can be used to take over accounts that rely on pre-established trust.

ComputerWorld Independent

June 20, 2023 admin

With one June Patch Tuesday update, Microsoft falls short

I’ve tracked Microsoft’s Windows patches for years and closely watched all of the changes the company has made. I remember when you had to install updates in a certain order — and watch for which one had to be installed first. I remember the arrival of automated patching using Software Update Services (later called Windows Server Update Services). I’ve seen how we went from a system where each vulnerability was patched individually to what we now have: cumulative patching.

The ideal patch is self-contained. Install, reboot, get back to your work. It causes no side effects. It protects the operating system. And you forget about it because it does what it’s supposed to do.

To read this article in full, please click here

ComputerWorld Independent

June 19, 2023 admin

Recent Teams, Office outages were caused by cyberattacks: Microsoft

Microsoft has confirmed that recent outages to its popular services, including Outlook, Teams, OneDrive, and cloud computing platform Azure, were caused by a DDoS attack by a threat actor that the company tracks as Storm-1359.

Also known as Anonymous Sudan, Storm-1359 was first detected in January, targeting organizations and government agencies with DDoS attacks and efforts to exfiltrate data. The threat actor was initially assumed to be a “hacktivist” group protesting a controversial outfit at the Melbourne Fashion Week but has since been linked to the Russian state, according to several media reports.

To read this article in full, please click here

ComputerWorld Independent

June 16, 2023 admin

June's Patch Tuesday updates focus on Windows, Office

Microsoft released 73 updates to its Windows, Office, and Visual Studio platforms on Patch Tuesday, with many of them dealing with core, but not urgent, security vulnerabilities. That’s a welcome respite from the previous six months of urgent zero-days and public disclosures. With that in mind, the Readiness testing team suggests a focus on printing and backup/recovery processes to make sure they’re not affected by this update cycle.

For the first time, we see a (non-Adobe) third-party vendor added to a Patch Tuesday release, with three minor plugin updates to Visual Studio for AutoDesk. Expect to see more such vendors added to Microsoft’s updates in the near future. The team at Readiness has created a useful infographic that outlines the risks associated with each of the updates.

To read this article in full, please click here

MalwareBytes Security

June 14, 2023 admin

Microsoft fixes six critical vulnerabilities in June Patch Tuesday

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: patch Tuesday

Tags: CVE-2023-29357

Tags: CVE-2023-29363

Tags: CVE-2023-32014

Tags: CVE-2023-32015

Tags: CVE-2023-32013

Tags: CVE-2023-24897

Tags: CVE-2023-32031

Tags: SharePoint

Tags: PGM

Tags: Exchange

Tags: Hyper-V

Patch Tuesday of June 2023 is relatively relaxed. No actively exploited zero-days and only six critical vulnerabilities.

Security Sophos

June 13, 2023 admin

A smorgasbord for June’s Patch Tuesday

Credit to Author: Angela Gunn| Date: Tue, 13 Jun 2023 21:05:13 +0000

Between its own fixes and a slew of FYI alerts covering Edge, GitHub, and Autodesk, Microsoft piles 94 CVEs onto sysadmins’ plates; Fortinet and Adobe also at the table

MalwareBytes Security

June 7, 2023 admin

Microsoft illegally collected and retained children’s data, says FTC

Categories: Personal

Tags: Microsoft

Tags: Xbox

Tags: privacy

Tags: children

Tags: COPPA

Tags: FTC

Tags: fine

Tags: settlement

Tags: games console

Tags: gaming

Tags: video games

Microsoft is counting the cost of privacy violations, with $20m in fines related to illegal data collection from children’s Xbox accounts.