Product features and announcements – Computer Security Articles

Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005

March 27, 2017 admin Advanced persistent threats, Antimalware research for IT pros and enthusiasts, Coreinfo, Creators Update, CVE-2017-005, Device Guard, EoP, PALETTE, Product features and announcements, SMEP, virtualization-based security, Windows 10, Windows 10 Creators Update, Windows Defender Advanced Threat Protection, Windows Defender ATP, zero-day exploits, ZIRCONIUM

Credit to Author: msft-mmpc| Date: Mon, 27 Mar 2017 15:00:01 +0000

On March 14, 2017, Microsoft released security bulletin MS17-013 to address CVE-2017-0005, a vulnerability in the Windows Win32k component that could potentially allow elevation of privileges. A report from a trusted partner identified a zero-day exploit for this vulnerability. The exploit targeted older versions of Windows and allowed attackers to elevate process privileges on these platforms. In this article, we…

Microsoft Security

No payment necessary: Fighting back against ransomware

January 23, 2017 admin Advanced persistent threats, antimalware, Antimalware research for IT pros and enthusiasts, Coordinated Malware Eradication, enterprise software security, malware research, microsoft, Microsoft Edge, MMPC, Product features and announcements, ransomware, research, Windows 10, Windows Defender, Windows Defender ATP, Windows Defender for Windows 10

Any IT professional who’s ever had an experience with malware knows how fast an intrusive attack can happen, and how difficult it can be to educate employees to be vigilant against such threats. And with ransomware attacks only growing, having information, tools and technologies to help protect your network can mean the difference between serious…

Microsoft Security

Office 2013 can now block macros to help prevent infection

January 23, 2017 admin Antimalware research for IT pros and enthusiasts, Macro-based malware, office, Product features and announcements

In response to the growing trend of macro-based threats, a new feature in Office 2016 allows an enterprise administrator to block users from running macros in Office documents that originated from the Internet. This feature was documented back in March: New feature in Office 2016 can block macros and help prevent infection, and the predominant…