Security News

Microsoft has addressed a known issue that triggers SSL/TLS handshake failures on client and server platforms with the release of the KB5018496 preview cumulative update. [...]

Microsoft warns that a newly acknowledged issue can lead to data loss when resetting virtual disks using the Server Manager management console. [...]

Microsoft says it addressed an issue preventing its vulnerable driver blocklist from being synced to systems running older Windows versions. This blocklist is designed to block threat actors from dropping legitimate but vulnerable drivers on targets' systems in Bring Your Own Vulnerable Driver attacks on HVCI-enabled Windows machines or those running Windows in S Mode.

Microsoft is bringing Azure Active Directory Identity Protection alerts to Microsoft 365 Defender to seemingly help IT folks thwart criminals infiltrating corporate networks via compromised users. For one thing, this means that if you want to find out the role an Azure AD identity played in an intrusion, you can now do so from one place, Microsoft 365 Defender, saving you from having to check your Azure portal, according to Microsoftie Idan Pelleg.

A threat group known as Vice Society has been switching ransomware payloads in attacks targeting the education sector across the United States and worldwide. As Microsoft Security Threat Intelligence analysts shared in a report published today, Vice Society has been swapping between BlackCat, QuantumLocker, Zeppelin, and a Vice Society-branded variant of Zeppelin ransomware.

Microsoft has fixed a known issue blocking the Windows 11 2022 Update from being offered on systems with printers using Universal Print Class or Microsoft IPP Class drivers because of compatibility issues. In late September, Redmond added a compatibility hold to block Windows 11 22H2 on affected systems because some installed printers might only allow customers to use the default settings with features like color, 2-sided printing, or higher resolutions.

Microsoft is developing a Windows system optimization program called 'PC Manager' that combines existing Windows tools into one interface. If you are a Windows user, you have likely run into various Windows system cleaners or system optimization programs that promise to increase the speed of your computer by deleting unnecessary files and Registry keys.

"This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services," Microsoft said in an alert.The exposure amounts to 2.4 terabytes of data that consists of invoices, product orders, signed customer documents, partner ecosystem details, among others.

Microsoft has confirmed a data leak linked to a misconfigured server for a cloud storage service but is disputing the extent of the problem.In a revelation this week, Microsoft's Security Response Center said the cloud provider was notified by threat intelligence firm SOCRadar on September 24 about the misconfigured endpoint that exposed business transaction data related to interactions between Microsoft and customers.

Microsoft says the latest Windows 11 preview build improves update management for IT administrators and fixes several issues leading to app crashes. The focus of this build's update improvements is to help admins make system restarts after Windows updates are installed more predictable.