-
Researchers from Microsoft, Intel and Red Hat this week turned the spotlight on a newly discovered execution side-channel attack method they've dubbed "Foreshadow."
-
Users of the Microsoft Edge browser can now test an alternative means of carrying out user authentications besides passwords.
-
Microsoft admitted this week that organizations using Lync Server 2013, Skype for Business Server 2015 and Exchange Server took a hit after applying its July 10 "update Tuesday" patches.
-
Microsoft is replacing its "Premium Assurance" support offering for SQL Server and Windows Server with a new Extended Security Updates program.
-
A Microsoft security advisory addresses the recently disclosed "lazy floating point state restore" security problem (CVE-2018-3665) that's leaving Intel Core and Windows processors vulnerable.
-
Microsoft is aiming to make multifactor authentication (MFA) the default verification option for its Azure Active Directory (AD) identity management service.
-
Organizations using Microsoft's Azure Active Directory or Windows Server Active Directory service can now test drive two new two password security capabilities.
-
A new speculative execution processor vulnerability dubbed "lazy floating point (FP) state save/restore" was disclosed earlier this month.
-
Microsoft last week added a new security capability to its Office 365 Threat Intelligence service.
-
Two new speculative execution side-channel attacks disclosed this week share similarities to the "Meltdown" and "Spectre" attacks that were first reported in January.
-
Microsoft has expanded its sprawling Advanced Threat Protection product line with "a new security package" designed for Azure SQL Database.
-
Microsoft announced a raft of security improvements at the RSA security conference last week affecting its Security Graph, Advanced Threat Protection ATP, Information Protection and Conditional Access products -- and more.
-
Microsoft is previewing a new passwordless sign-in feature based on FIDO2 that's expected to arrive with the Windows 10 spring release.
-
Chipmaker AMD recently issued microcode updates to its OEM partners that protect Windows 10 systems against Spectre variant 2 attack methods.
-
Intel's guidance publication for April indicates that it isn't planning to release microcode updates for some of its processors to prevent Spectre attack methods.
-
Microsoft recently unveiled the newest addition to its security arsenal: Project VAST, a tool designed to surface security problems visually.
-
Recently publicized processor security issues have chip maker AMD scrambling to develop firmware updates.
-
Microsoft is offering security researchers cash rewards in exchange for information on "speculative execution" side-channel CPU vulnerabilities via a new bug bounty program.
-
Microsoft last week expanded some Spectre microcode approvals, as well as lifted an anti-virus compatibility check for some Windows 10 version 1709 devices.
-
Microsoft recently outlined some best practices to protect user identities in Windows Server Active Directory Federation Services or Azure Active Directory.
-
Microsoft has greenlit some Intel Skylake microcode updates for the Windows 10 Fall Creators Update (version 1709) that address Spectre variant 2 types of attacks.
-
Azure Advanced Threat Protection, Microsoft's new cloud-based service for detecting and analyzing security incidents, is now production-ready for organizations.
-
Microsoft Intune users can expect some new security protections for their Android and iOS devices through a recently announced partnership between Microsoft and security firm Pradeo.
-
In its recently updated "Microcode Revision Guidance" document, Intel shared details about the progress of its firmware patches to address potential Meltdown and Spectre attack scenarios.
-
Microsoft recently rolled out its Compliance Manager dashboard and the Azure Information Protection Scanner tool for Microsoft 365 product licensees.