Security News

The amount of time devices running Windows are powered on and connected to Windows Update is tracked by Microsoft as 'Update Connectivity. "One of the most impactful things we explored was how much time a device needs to be powered on and connected to Windows Update to be able to successfully install quality and feature updates," said Guyer.

Exploit broker Zerodium has announced a pay jump to 400,000 for zero-day vulnerabilities that allow remote code execution in Microsoft Outlook email client. Zerodium's regular bounty for RCE vulnerability in Microsoft Outlook for windows is $250,000, expected to be "Accompanied by a fully functional and reliable exploit."

Microsoft's threat analysts have uncovered a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices onto the target's network and use them to distribute phishing emails. "The inbox rule allowed the attackers to avoid arousing the compromised users' suspicions by deleting non-delivery reports and IT notification emails that might have been sent to the compromised user."

Microsoft says Windows 11 has now entered the broad deployment phase, making it available for everyone with an eligible device via Windows Update. "The upgrade offer to Windows 11 is entering its final phase of availability and is designated for broad deployment for eligible devices," the company said in a Windows Health dashboard status update.

Microsoft says its Azure DDoS protection platform mitigated a massive 3.47 terabits per second distributed denial of service attack targeting an Azure customer from Asia in November. Two more large size attacks followed this in December, also targeting Asian Azure customers, a 3.25 Tbps UDP attack on ports 80 and 443 and a 2.55 Tbps UDP flood on port 443.

Microsoft has fixed a known issue affecting systems running Windows 11, version 21H2, where applications may have problems rendering colors correctly high dynamic range displays when using Win32 APIs. Microsoft has addressed the HDR color rendering bug with the release of Windows 11 KB5008353 cumulative update issued part of January 2022 monthly non-security "C" preview.

Microsoft says Samsung devices enrolled in Microsoft Intune using a work profile will experience email and VPN connectivity issues due to missing certificates after upgrading to Android 12. Microsoft Intune is a cloud-based service designed to help admins manage Windows, macOS, iOS/iPadOS, and Android apps and devices in enterprise environments.

Microsoft is testing a new hidden feature in the latest Windows 11 preview build that rejuvenates the user interface for Task Manager with a new design and modern appearance. Task Manager is one of the most commonly used built-in Windows apps, allowing users to see how much a process uses CPU and memory, terminate processes, manage auto-starting programs, or simply see what programs are running on a computer.

Microsoft has backpedaled its decision to forcefully redirect users from the Network Connections control panel to the Advanced Network Settings screen in Windows 11 preview builds. Microsoft has slowly begun to chip away at the old Control Panel interface for the past few years by redirecting users to similar settings found under the modern Settings feature.

Microsoft has announced that Excel 4.0 macros will now be disabled by default to protect customers from malicious documents. Starting July 2021, Windows admins could also use group policies and users the 'Enable XLM macros when VBA macros are enabled' setting from the Excel Trust Center to disable this feature manually.