Microsoft has released new PowerShell 5.1 cmdlets to let IT pros assess the performance of Microsoft Defender Antivirus.
The August edition of Microsoft's monthly security patch rollout is here, addressing 44 CVEs, seven of them characterized as "Critical" by security researchers.
An elevation-of-privilege vulnerability (CVE-2021-36934) is present in Windows 10 client operating systems, per a Tuesday Microsoft security advisory .
Microsoft's latest monthly patch tally is back in the three digits.
Security researchers counted 49 common vulnerabilities and exposures (CVEs) in Microsoft's June security patch release, with five being "Critical" and the rest "Important."
The Nobelium espionage group targeted about 3,000 e-mail accounts, commencing May 25, a Thursday Microsoft announcement indicated.
Four CVEs this month were described as "Critical" in severity, 50 were deemed "Important" and one was "Moderate."
Ivanti recently issued a warning about a new security vulnerability in its Pulse Connect Secure VPN appliances that enables "an unauthenticated user to perform remote arbitrary file execution on the Pulse Connect Secure gateway."
The April rollout comprised security updates for 114 common vulnerabilities and exposures (CVEs), including "Critical" Exchange Server patches that Microsoft implored organizations to apply "as soon as possible."
Microsoft's March security update release delivered patches for 89 common vulnerabilities and exposures (CVEs), up 60 percent from last month.
Microsoft has issued out-of-band security patches to address zero-day flaws affecting Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019.
Microsoft's February security patch bundle rolled out on Tuesday to address 56 security vulnerabilities.
Microsoft's January security patch release addresses 83 common vulnerabilities and exposures (CVEs), 10 of which were described as "Critical" by security researchers and 73 as "Important."
Microsoft this week announced the release of a new endpoint detection and response (EDR) capability specifically for Linux servers in the Microsoft Defender for Endpoint product.
Organizations that want to detect and block the old and insecure Transport Layer Security (TLS) protocol can draw on some new advice from the U.S. National Security Agency.
Certain subscribers to the Microsoft Defender for Office 365 service can now access a new "attack simulation training" feature, Microsoft announced this week.
In the wake of the SolarWinds Orion-based software attack discovered last month, Microsoft has shared several resources for IT pros to help them discover similar breaches.
A new feature in the Microsoft Authenticator app that stores and autofills user names and passwords is now in preview.
Microsoft's December security bundle of software fixes, released Tuesday, addresses just 58 vulnerabilities, about half as much as previous months' totals.
Last month's relatively lightweight patch rollout from Microsoft appears to be an anomaly. Microsoft on Tuesday addressed 112 common vulnerabilities and exposures (CVEs) with its November security update bundle.
Microsoft has revamped its monthly "Security Update Guide," which often comes in at or above 100 pages, to be a more palatable length for IT pros.
Security researchers at Check Point this week found that most phishing attacks are trying to fool end users by spoofing the Microsoft brand.
Microsoft last week issued two "out-of-band" security updates outside of its traditional Patch Tuesday bundle, which arrived on Oct. 13 this month.
Microsoft addressed just 87 common vulnerabilities and exposures (CVEs) in its October security patch bundle, the first time in months that it has patched under 100 vulnerabilities.
CISA and the FBI recently announced a joint cybersecurity advisory on attacks against government networks, as well as other organizational networks.