Security News

At its Ignite 2022 event last month, Microsoft announced general availability of Azure Active Director certificate-based authentication, addressing a component the Biden Administration's executive order last year to strengthen the US's cybersecurity. Microsoft is now offering a public preview of Azure AD CBA on devices running Apple's iOS and Android that uses certificates on Yubico's YubiKey hardware security key.

Microsoft has asserted that China's offensive cyber capabilities have improved, thanks to a law that has allowed Beijing to create an arsenal of unreported software vulnerabilities. China's 2021 law required organizations to report security vulnerabilities to local authorities before disclosing them to any other entity.

Programmer and lawyer Matthew Butterick has sued Microsoft, GitHub, and OpenAI, alleging that GitHub's Copilot violates the terms of open-source licenses and infringes the rights of programmers. GitHub Copilot, released in June 2022, is an AI-based programming aid that uses OpenAI Codex to generate real-time source code and function recommendations in Visual Studio.

Microsoft is warning of an uptick in the nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, said it has "Observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability," making it imperative that organizations patch such exploits in a timely manner.

Attackers are abusing Microsoft Dynamics 365 Customer Voice to evade email filters and deliver phishing emails into Microsoft users' inboxes, Avanan researchers are warning.Microsoft Dynamics 365 is a suite of enterprise resource planning and customer relationship management applications.

Microsoft is rolling out a fix for a known issue affecting Outlook for Microsoft 365 users and preventing them from scheduling Teams meetings because the option is no longer available on the app's ribbon menu. The Teams Meeting add-in can be found in the Calendar view, and it helps Outlook users to create Teams meetings from Outlook.

Microsoft has significantly reduced latency for Windows and Mac users of the Teams desktop client in some critical scenarios when interacting with the application. Jeff Chen, a Microsoft Principal Group Program Manager for Microsoft Teams, said today that the app is now more than 30% faster when switching between chat and channel threads.

Microsoft is now testing a new way to help Windows 11 users get more out of its Windows Search by displaying tip flyouts in the taskbar. Starting today, Windows 11 will display tips prodding Windows Insiders who have installed the latest Windows 11 Dev build to search their PC and the web from the taskbar.

Analysts at Orca Security have found a critical vulnerability affecting Azure Cosmos DB that allowed unauthenticated read and write access to containers.Named CosMiss, the security issue is in Azure Cosmos DB built-in Jupyter Notebooks that integrate into the Azure portal and Azure Cosmos DB accounts for querying, analyzing, and visualizing NoSQL data and results easier.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.