Thursday, April 25, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Office Software

ComputerWorld Independent 

Microsoft beefs up OneDrive security

admin , , ,

Credit to Author: Gregg Keizer| Date: Wed, 26 Jun 2019 11:49:00 -0700

Microsoft today announced changes to its OneDrive storage service that will let consumers protect some or even all of their cloud-stored documents with an additional layer of security.

The new feature – dubbed OneDrive Personal Vault – was trumpeted as a special protected partition of OneDrive where users could lock their “most sensitive and important files.” They would access that area only after a second step of identity verification, ranging from a fingerprint or face scan to a self-made PIN, a one-time code texted to the user’s smartphone or the use of the Microsoft Authenticator mobile app. (The process is often labeled as two-factor security to differentiate it from the username/password that typically secures an account.)

To read this article in full, please click here

Read more
ComputerWorld Independent 

Microsoft's multi-factor authentication service flakes out – again

admin , , ,

Credit to Author: Gregg Keizer| Date: Tue, 27 Nov 2018 14:02:00 -0800

Just one day after Microsoft came clean with an explanation of a Nov. 19 outage that blocked users of Office 365 from logging into their accounts using Multi-Factor Authentication (MFA), today the service again went on the fritz.

“Starting at 14:25 UTC on 27 Nov 2018, customers using Multi-Factor Authentication (MFA) may experience intermittent issues signing into Azure resources, such as Azure Active Directory, when MFA is required by policy,” read the Azure status dashboard. Two and a half hours later, the dashboard reported that after resolving a problem with an earlier DNS (Domain Name Service) issue, engineers rebooted the services. “They observed a decrease in the failure rate after the reboot cycles,” the dashboard concluded.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Microsoft yanks buggy Office 2016 patch KB 4018385, republishes all of this month’s patch downloads

admin , ,

Credit to Author: Woody Leonhard| Date: Fri, 13 Jul 2018 06:43:00 -0700

As I reported yesterday, the July 2018 Windows and Office patches teem with bugs. We’re just beginning to see the fallout.

The July 3 non-security Office 2016 patch KB 4018385 is officially yanked. If you don’t recall KB 4018385 — a small patch in a sea of Office fixes — the original KB article describes it thusly:

To read this article in full, please click here

Read more
ComputerWorld Independent 

Two more evolving threats: JavaScript in Excel and payment processing in Outlook

admin , ,

Credit to Author: Woody Leonhard| Date: Fri, 11 May 2018 09:04:00 -0700

Once upon a time – dating back to the first “Concept” macro virus in Word – the Office folks were wary of new features that had possible security implications. But in the past few weeks, we’ve been introduced to two new features that have “Kick Me” written all over them.

First, JavaScript in Excel. I mean, what could possibly go wrong?

Last December, Microsoft published a Dev Center article that talked about using the new Excel JavaScript API to create add-ins for Excel 2016.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Office as a malware delivery platform: DDE, Scriptlets, Macro obfuscation

admin , ,

Credit to Author: Woody Leonhard| Date: Tue, 19 Dec 2017 13:34:00 -0800

Read more
ComputerWorld Independent 

Another banner Patch Tuesday, with a Word zero-day and several bugs

admin , ,

Credit to Author: Woody Leonhard| Date: Tue, 10 Oct 2017 13:28:00 -0700

It’s going to be a banner patching month. I count 151 separate security patches and 48 Knowledge Base articles, as well as the odd Security Advisory.

The Windows patch Release Notes point to four known bugs:

The cumulative update for Win10 Creators Update, version 1703 — which sports dozens of fixes — has a couple of problems: Systems with support enabled for USB Type-C Connector System Software Interface (UCSI) may experience a blue screen or stop responding with a black screen when a system shutdown is initiated, and it may change Czech and Arabic languages to English for Microsoft Edge and other applications.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Duck! Windows and Office patches are coming

admin , ,

Credit to Author: Woody Leonhard| Date: Tue, 10 Oct 2017 04:30:00 -0700

If you’re running Windows, do yourself a favor and put Automatic Update on a temporary hold. Then wait and see if anything comes bursting apart at the seams.

Last month, there was good reason to install specific patches shortly after they were released — at least if you couldn’t train yourself to avoid the “Enable Editing” button in Word. But by and large, if you could avoid that button, there were myriad reasons why waiting a bit before installing the September patches paid off.

To read this article in full or to leave a comment, please click here

Read more