Microsoft's January Patch Rollout Tackles 10 'Critical' Flaws

Microsoft's January security patch release addresses 83 common vulnerabilities and exposures (CVEs), 10 of which were described as "Critical" by security researchers and 73 as "Important."

Linux Server Monitoring Comes to Microsoft Defender for Endpoint

Microsoft this week announced the release of a new endpoint detection and response (EDR) capability specifically for Linux servers in the Microsoft Defender for Endpoint product.

NSA Gives Advice on Reducing TLS Security Risk

Organizations that want to detect and block the old and insecure Transport Layer Security (TLS) protocol can draw on some new advice from the U.S. National Security Agency.

Microsoft Releases Office 365 Attack Simulation Training Capability

Certain subscribers to the Microsoft Defender for Office 365 service can now access a new "attack simulation training" feature, Microsoft announced this week.

Microsoft Advises IT on Tracking Down 'Solorigate'-Style Attacks

In the wake of the SolarWinds Orion-based software attack discovered last month, Microsoft has shared several resources for IT pros to help them discover similar breaches.

Microsoft Tests Out 'Password Storage' Feature in Authenticator

A new feature in the Microsoft Authenticator app that stores and autofills user names and passwords is now in preview.

PowerShell Crescendo Released to Preview

PowerShell Crescendo, a new module for PowerShell that aims to wrap so-called "native" utility applications via the familiar verb-noun syntax used in PowerShell cmdlets, is now available for preview.

Microsoft Patches a Mere 58 Vulnerabilities in December Patch Rollout

Microsoft's December security bundle of software fixes, released Tuesday, addresses just 58 vulnerabilities, about half as much as previous months' totals.

Problems Cause Microsoft To Pause Windows 10 Team Update for Surface Hub

Some users of Microsoft's Surface Hub 2S conference devices will have to wait a bit longer to receive the Windows 10 Team 2020 Update via Windows Update.

Microsoft Releases PowerShell 7.1

PowerShell 7.1, touted by Microsoft as a "major update" to the scripting language, reached general availability this week.

Microsoft's November Patch Count Passes 100-Mark Again

Last month's relatively lightweight patch rollout from Microsoft appears to be an anomaly. Microsoft on Tuesday addressed 112 common vulnerabilities and exposures (CVEs) with its November security update bundle.

Microsoft Pares Down Its Mammoth Security Update Guide

Microsoft has revamped its monthly "Security Update Guide," which often comes in at or above 100 pages, to be a more palatable length for IT pros.

IT Pros Can Now View Which Windows 10 Feature Updates Get Blocked

Microsoft recently a described a mechanism that lets IT pros view Windows 10 "safeguard holds," which is Microsoft's term for OS feature updates that have been blocked from downloading.

Report: Microsoft the Most-Imitated Brand by Phishers

Security researchers at Check Point this week found that most phishing attacks are trying to fool end users by spoofing the Microsoft brand.

Out-of-Band Microsoft Patches Released for Remote Code Execution

Microsoft last week issued two "out-of-band" security updates outside of its traditional Patch Tuesday bundle, which arrived on Oct. 13 this month.

Microsoft's Patch Rollout Comes in Under 100 for First Time in Months

Microsoft addressed just 87 common vulnerabilities and exposures (CVEs) in its October security patch bundle, the first time in months that it has patched under 100 vulnerabilities.

Feds Warn of VPN Attacks That May Be Targeting Election Security

CISA and the FBI recently announced a joint cybersecurity advisory on attacks against government networks, as well as other organizational networks.

Microsoft Security Report Warns of VPN Attacks, Ransomware and Phishing

Microsoft has released its 2020 "Digital Defense Report," painting a detailed picture of the current cybersecurity threat landscape.

CISA: Windows Server Netlogon Now Vulnerable to Attack

A "Critical"-rated Netlogon vulnerability in newer Windows Server versions can now be exploited via publicly accessible code, warned the Cybersecurity and Infrastructure Security Agency (CISA) this week.

Microsoft Addresses 129 Vulnerabilities in September Patch Release

Microsoft's latest security patch rollout addresses 129 common vulnerabilities and exposures (CVEs), continuing the company's 2020 trend of hefty patch deliveries.