Security News

Today is Microsoft's March 2023 Patch Tuesday, and security updates fix two actively exploited zero-day vulnerabilities and a total of 83 flaws. This month's Patch Tuesday fixes two zero-day vulnerabilities actively exploited in attacks.

An open source adversary-in-the-middle phishing kit has found a number of takers in the cybercrime world for its ability to orchestrate attacks at scale. DEV-1101, per the tech giant, is said to be the party behind several phishing kits that can be purchased or rented by other criminal actors, thereby reducing the effort and resources required to launch a phishing campaign.

Microsoft will soon fast-track multi-factor authentication adoption for its Microsoft 365 cloud productivity platform by adding MFA capabilities to the Outlook email client. The company says in a new Microsoft 365 roadmap entry that users will be able to complete MFA requests for Microsoft 365 apps directly in the Outlook app via a new feature dubbed Authenticator Lite.

Microsoft has finally addressed a known issue causing significant performance hits when copying large files over SMB after installing the Windows 11 2022 update. The fix comes after Microsoft's Ned Pyle explained in October that "There is a performance reduction in 22H2 when copying larger files from a remote computer down to a Windows 11 computer or when copying files on a local drive."

Microsoft will introduce improved protection against phishing attacks pushing malware via malicious Microsoft OneNote files.To thwart phishing attacks using malicious Microsoft OneNote attachments, you can set up secure mail gateways or mail servers to automatically block OneNote documents with.

Microsoft has announced that, starting in April 2023, they will be adding enhanced protection when users open or download a file embedded in a OneNote document - a known high-risk phishing file type. "Users will receive a notification when the files seem dangerous to improve the file protection experience in OneNote on Windows," the company said.

Microsoft's Security Intelligence team recently investigated a business email compromise attack and found that attackers move rapidly, with some steps taking mere minutes. BEC attacks are a type of cyberattack where the attacker gains access to an email account of the target organization through phishing, social engineering, or buying account credentials on the dark web.

Microsoft says the latest Windows 11 build rolling out to Insiders in the Canary channel will enable Local Security Authority protection by default. LSA protection is crucial for safeguarding against the theft of sensitive information or login credentials by blocking untrusted code injection into the LSA process and blocking process memory dumping.

Microsoft has released a new Windows 11 preview build with new features such as File Explorer access keys, a new VPN status indicator, and a new way to copy two-factor authentication codes from text messages. The new Access Keys features in File Explorer will enable users to execute any command in the context menu using keyboard strokes.

Microsoft says the Excel spreadsheet software is now blocking untrusted XLL add-ins by default in Microsoft 365 tenants worldwide. "We are introducing a default change for Excel Windows desktop apps that run XLL add-ins: XLL add-ins from untrusted locations will now be blocked by default," Microsoft said in a new Microsoft 365 message center post.