-
Microsoft has released new PowerShell 5.1 cmdlets to let IT pros assess the performance of Microsoft Defender Antivirus.
-
The August edition of Microsoft's monthly security patch rollout is here, addressing 44 CVEs, seven of them characterized as "Critical" by security researchers.
-
An elevation-of-privilege vulnerability (CVE-2021-36934) is present in Windows 10 client operating systems, per a Tuesday Microsoft security advisory .
-
Microsoft's latest monthly patch tally is back in the three digits.
-
Security researchers counted 49 common vulnerabilities and exposures (CVEs) in Microsoft's June security patch release, with five being "Critical" and the rest "Important."
-
The Nobelium espionage group targeted about 3,000 e-mail accounts, commencing May 25, a Thursday Microsoft announcement indicated.
-
Four CVEs this month were described as "Critical" in severity, 50 were deemed "Important" and one was "Moderate."
-
Ivanti recently issued a warning about a new security vulnerability in its Pulse Connect Secure VPN appliances that enables "an unauthenticated user to perform remote arbitrary file execution on the Pulse Connect Secure gateway."
-
The April rollout comprised security updates for 114 common vulnerabilities and exposures (CVEs), including "Critical" Exchange Server patches that Microsoft implored organizations to apply "as soon as possible."
-
Microsoft's March security update release delivered patches for 89 common vulnerabilities and exposures (CVEs), up 60 percent from last month.
-
Microsoft has issued out-of-band security patches to address zero-day flaws affecting Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019.
-
Microsoft's February security patch bundle rolled out on Tuesday to address 56 security vulnerabilities.
-
Microsoft's January security patch release addresses 83 common vulnerabilities and exposures (CVEs), 10 of which were described as "Critical" by security researchers and 73 as "Important."
-
Microsoft this week announced the release of a new endpoint detection and response (EDR) capability specifically for Linux servers in the Microsoft Defender for Endpoint product.
-
Organizations that want to detect and block the old and insecure Transport Layer Security (TLS) protocol can draw on some new advice from the U.S. National Security Agency.
-
Certain subscribers to the Microsoft Defender for Office 365 service can now access a new "attack simulation training" feature, Microsoft announced this week.
-
In the wake of the SolarWinds Orion-based software attack discovered last month, Microsoft has shared several resources for IT pros to help them discover similar breaches.
-
A new feature in the Microsoft Authenticator app that stores and autofills user names and passwords is now in preview.
-
Microsoft's December security bundle of software fixes, released Tuesday, addresses just 58 vulnerabilities, about half as much as previous months' totals.
-
Last month's relatively lightweight patch rollout from Microsoft appears to be an anomaly. Microsoft on Tuesday addressed 112 common vulnerabilities and exposures (CVEs) with its November security update bundle.
-
Microsoft has revamped its monthly "Security Update Guide," which often comes in at or above 100 pages, to be a more palatable length for IT pros.
-
Security researchers at Check Point this week found that most phishing attacks are trying to fool end users by spoofing the Microsoft brand.
-
Microsoft last week issued two "out-of-band" security updates outside of its traditional Patch Tuesday bundle, which arrived on Oct. 13 this month.
-
Microsoft addressed just 87 common vulnerabilities and exposures (CVEs) in its October security patch bundle, the first time in months that it has patched under 100 vulnerabilities.
-
CISA and the FBI recently announced a joint cybersecurity advisory on attacks against government networks, as well as other organizational networks.