The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned that functional proof-of-concept code for a Server Message Block 3.1.1 vulnerability in newer Windows systems has been published.
The ability to automatically classify documents using the Microsoft Information Protection service's sensitivity labels feature is now at the "general availability" commercially-release stage, Microsoft announced this week.
Domain Name System (DNS) over HTTPS encryption, known as "DoH," can now be tested in a recently released preview version of Windows 10.
This month's security patch bundle from Microsoft continued the hefty "Update Tuesday" trend, delivering fixes for approximately 111 common vulnerabilities and exposures.
Starting June 1, eligible customers that "visit" or use the Microsoft 365 Security Center portal will be able to access certain Microsoft Threat Protection capabilities.
Three new features for assessing policy settings on Azure AD Conditional Access became generally available (GA) this week.
For organizations whose employees have shifted to working remotely en masse, Microsoft has explained how the machine password reset mechanism for Windows systems works for them.
The Continuous Access Evaluation (CAE) protocol undergirds certain Office 365 and Azure Active Directory products, providing an additional layer of identity and access protections, Microsoft explained this week.
Pulse Secure virtual private network (VPN) products have earned another security warning from the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
A new Azure Active Directory registration process became generally available (GA) this week, adding multifactor authentication (MFA) and self-service password registration.
Microsoft's latest security patch bundle, released Tuesday, was another hefty one.
The end date for Basic Authentication on Exchange Online has been postponed to the "second half of 2021" from the originally planned Oct. 13, 2020, Microsoft said on Friday.
Microsoft's plan to drop support for Transport Layer Security (TLS) protocols 1.0 and 1.1 in its browsers has been pushed back to the second half (2H) of 2020, the company announced this week.
Researchers from Mimecast reported this week that attackers are hiding malicious payloads in Excel files sent by e-mail by using a standard Excel feature.
Microsoft this month announced a couple of Azure Active Directory improvements with regard to custom roles and multifactor authentication support that are available now and on the horizon.
A "Critical"-rated remote code execution vulnerability in both supported and unsupported Windows systems has been exposed to "limited, targeted attacks," Microsoft warned in a security advisory this week.
Microsoft is touting the use of Secured-core PCs as a defensive measure against possible PC driver exploits, as explained in this announcement from the company's Windows platform security team.
Windows systems susceptible to a "Critical"-rated vulnerability in Server Message Block (SMB) 3.1.1 got out-of-band patches from Microsoft this week, according to Microsoft's "out-of-band" security bulletin on Thursday.
A new Microsoft advisory warns of a "Critical"-rated Server Message Block (SMB) 3.1.1 vulnerability in newer supported Windows client and server systems.
Microsoft addressed about 115 common vulnerabilities and exposures (CVEs) in its March security patches, which mostly affect Windows systems and Microsoft's browsers, plus a bunch of developer components.