Security News
Today is Microsoft's February 2022 Patch Tuesday, and with it comes fixes for one zero-day vulnerability and a total of 48 flaws. Microsoft has fixed 48 vulnerabilities with today's update, with none of them classified as Critical.
Aims to make life harder for miscreants Microsoft Office will soon block untrusted Visual Basic for Applications (VBA) macros sourced from the internet by default – a security measure users can...
Microsoft last week announced that it's temporarily disabling the MSIX ms-appinstaller protocol handler in Windows following evidence that a security vulnerability in the installer component was exploited by threat actors to deliver malware such as Emotet, TrickBot, and Bazaloader. Ms-appinstaller, specifically, is designed to help users install a Windows app by simply clicking a link on a website.
Distribute an App Installer bundle that presented itself as a Trusted App, much like an app from the curated Microsoft Store. In contrast, the App Installer popup that verifies the digital signature of the App Bundle you're downloading explicitly identifies the software itself as a Trusted App, even though it allows the signer of the app to include entirely bogus vendor data in the app bundle, and then helpfully displays that fraudulent "Identification" directly beneath to the "Trusted App" designator.
Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware. Using VBA macros embedded in malicious Office documents is a very popular method to push a wide range of malware families in phishing attacks, including Emotet, TrickBot, Qbot, and Dridex.
Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware. Using VBA macros embedded in malicious Office documents is a very popular method to push a wide range of malware families in phishing attacks, including Emotet, TrickBot, Qbot, and Dridex.
Microsoft 365 has all the tools you need to run your organization in the cloud, from personal productivity to group collaboration, to advanced analytics and security management. While it does include compliance and policy tools, it doesn't claim to offer a full set of data recovery tools.
Microsoft says it has fixed a known issue triggered by last month's Windows updates that would cause apps using Microsoft. "After installing updates released January 11, 2022 or later, apps using Microsoft.NET Framework to acquire or set Active Directory Forest Trust Information might fail, close, or you might receive an error from the app or Windows," Microsoft explained in an update to the Windows health dashboard.
The recent growth in popularity of phishing kits that bypass MFA protection show that attackers have taken note of it and are adapting. Microsoft's inaugural Cyber Signals report shows, on the other hand, that only 22 percent of customers using Microsoft Azure Active Directory have implemented MFA protection.
Microsoft has disabled the MSIX ms-appinstaller protocol handler exploited in malware attacks to install malicious apps directly from a website via a Windows AppX Installer spoofing vulnerability. The likely reason for disabling the protocol altogether is to protect all Windows customers, including those who haven't yet installed the December security updates or applied the workarounds.