microsoft – Page 16 – Computer Security Articles

Microsoft’s December Patch Tuesday updated delivers 59 fixes, including two zero-days (CVE-2022-44698 and CVE-2022-44710) that require immediate attention on the Windows platform. This is a network focused update (TCP/IP and RDP) that will require significant testing with an emphasis on ODBC connections, Hyper-V systems, Kerberos authentication, and printing (both local and remote).

Microsoft also published an urgent out-of-band update (CVE-2022-37966) to address serious Kerberos authentication issues. (The team at Readiness has provided a helpful infographic that outlines the risks associated with each of these updates.)

To read this article in full, please click here

ComputerWorld Independent

December 16, 2022 admin

Patch Tuesday: Two zero-day flaws in Windows zero-days immediate attention

To read this article in full, please click here

ComputerWorld Independent

December 15, 2022 admin

Microsoft calls time out on Apple Watch Authenticator

Using an Apple Watch as a device to authenticate access to enterprise sites and services using Microsoft Authenticator is a convenience that’s about to go away. Microsoft says the feature will stop working after an Authenticator update scheduled for next month.

Apple Watch auth out

Microsoft Authenticator makes it easy to sign into Microsoft accounts, supported apps or services using two-step verification. Authenticator also generates one-time use codes, so you needn’t wait for text messages or calls to access your accounts.

To read this article in full, please click here

MalwareBytes Security

December 14, 2022 admin

Update now! Two zero-days fixed in 2022’s last patch Tuesday

Categories: Exploits and vulnerabilities

Categories: News

Tags: patch Tuesday

Tags: Microsoft

Tags: Android

Tags: Apple

Tags: Mozilla

Tags: Google

Tags: Sap

Tags: Citrix

Tags: Fortinet

Tags: Cisco

Tags: CVE-2022-44698

Tags: MotW

Tags: CVE-2022-44710

Tags: race condition

Tags: CVE-2022-44670

Tags: CVE-2022-44676

Tags: CVE-2022-41076

Tags: remote powershell

The last patch Tuesday of 2022 is here—find out what Microsoft and many others have fixed

Security Sophos

December 13, 2022 admin

2022 Patch Tuesday cycle wraps with 48 CVEs, one advisory

Credit to Author: Angela Gunn| Date: Tue, 13 Dec 2022 18:00:22 +0000

Windows-heavy collection closes out a year of elevation-of-privilege vulnerabilities; no Exchange patches in sight

ComputerWorld Independent

December 7, 2022 admin

A compliance fight in Germany could hurt Microsoft customers

Credit to Author: eschuman@thecontentfirm.com| Date: Wed, 07 Dec 2022 04:32:00 -0800

If there are two things that should never mix, it’s cybersecurity/privacy compliance and corporate politics. And yet, that’s at the heart of a compliance fight between Microsoft and German authorities that might wind up punishing the company’s customers.

The German Datenschutzkonferenz — the regulatory body entrusted to handle Germany’s flavor of the European Union’s General Data Protection Regulation (GDPR) — has publicly declared that “no data protection-compliant use of Microsoft Office 365 was possible.”

To read this article in full, please click here

Microsoft Security

December 6, 2022 admin

DEV-0139 launches targeted attacks against the cryptocurrency industry

Credit to Author: Katie McCafferty| Date: Tue, 06 Dec 2022 17:00:00 +0000

Microsoft security researchers investigate an attack where the threat actor, tracked DEV-0139, used chat groups to target specific cryptocurrency investment companies and run a backdoor within their network.

The post DEV-0139 launches targeted attacks against the cryptocurrency industry appeared first on Microsoft Security Blog.