Security News

Microsoft is extending the Defender brand with a version aimed at families and individuals.Microsoft Defender for individuals, available for Microsoft 365 Personal and Family subscribers, is a cross-platform application, encompassing macOS, iOS, and Android devices and extending "The protection already built into Windows Security beyond your PC.".

Microsoft is investigating a newly acknowledged issue causing connectivity issues when using Wi-Fi hotspots after deploying Windows updates released during the June 2022 Patch Tuesday. According to a new entry on the Windows release health dashboard, Windows devices where one of the June updates has been installed might be unable to use the Wi-Fi hotspot feature.

Microsoft is warning that the BlackCat ransomware crew is leveraging exploits for unpatched Exchange server vulnerabilities to gain access to targeted networks. Upon gaining an entry point, the attackers swiftly moved to gather information about the compromised machines, followed by carrying out credential theft and lateral movement activities, before harvesting intellectual property and dropping the ransomware payload. The entire sequence of events played out over the course of two full weeks, the Microsoft 365 Defender Threat Intelligence Team said in a report published this week.

Microsoft has announced today the general availability of Microsoft Defender for Individuals, the company's new security solution for personal phones and computers. This new cross-device security solution is available for all Microsoft 365 customers with Personal or Family subscriptions starting today.

Microsoft has announced today the general availability of Microsoft Defender for Individuals, the company's new security solution for personal phones and computers. Defender for Individuals also provides safety alerts and recommendations, including real-time warnings about device security changes and suggestions on keeping data and devices secure.

Security researchers are warning that threat actors could hijack Office 365 accounts to encrypt for a ransom the files stored in SharePoint and OneDrive services that companies use for cloud-based collaboration, document management and storage. A ransomware attack targeting files on these services could have severe consequences if backups aren't available, rendering important data inaccessible to owners and working groups.

Microsoft has incorporated additional improvements to address the recently disclosed SynLapse security vulnerability in order to meet comprehensive tenant isolation requirements in Azure Data Factory and Azure Synapse Pipelines. The high-severity issue, tracked as CVE-2022-29972 and disclosed early last month, could have allowed an attacker to perform remote command execution and gain access to another Azure client's cloud environment.

Microsoft officially released fixes to address an actively exploited Windows zero-day vulnerability known as Follina as part of its Patch Tuesday updates. Tracked as CVE-2022-30190, the zero-day bug relates to a remote code execution vulnerability affecting the Windows Support Diagnostic Tool when it's invoked using the "Ms-msdt:" URI protocol scheme from an application such as Word.

Microsoft confirmed today that a future Windows update will permanently disable the Internet Explorer web browser on users' systems."Users will still see the Internet Explorer icon on their devices but if they click to open Internet Explorer, Microsoft Edge will open instead with easy access to IE mode," said the General Manager for Microsoft Edge Enterprise Sean Lyndersay today.

Microsoft has opened its wallet once more to pick up New York-based cyber-threat analyst Miburo. The team is to be folded into Microsoft's Customer Security and Trust organization and the work of its analysts is to be fed into the Windows giants' threat detection and analysis capabilities.