Security News

Installing updates is slower and their size gets incrementally bigger due to the long backlog caused by the two or more updates for each Windows platform released every month. Microsoft increases Windows Update's overall performance by marking earlier updates for expiration as part of a regular evaluation process.

Microsoft is updating Microsoft 365 to allow admins to better manage insider security threats in their environments with improvements to risky activity detection and visibility. Insider Risk Management enables Microsoft 365 cloud services platform customers to detect, investigate, and remediate insider security threats within their organizations across Office, Windows, Azure, and third-party apps like HR systems.

An APT described as a "Lone wolf" is exploiting a decades-old Microsoft Office flaw to deliver a barrage of commodity RATs to organizations in India and Afghanistan, researchers have found. Attackers use political and government-themed malicious domains as lures in the campaign, which targets mobile devices with out-of-the-box RATs such as dcRAT and QuasarRAT for Windows and AndroidRAT. They're delivering the RATs in malicious documents by exploiting CVE-2017-11882, according to a report published Tuesday by Cisco Talos.

Microsoft has made available Privacy Management for Microsoft 365, a new AI-based solution to help enterprises manage data privacy risks and build a privacy resilient workplace, as well as automate the response to subject rights requests at scale.Privacy Management is built-into the Microsoft 365 compliance center and is currently available as an add-on to organizations with Office 365 A1/E1/A3/E3/A5/E5 and Microsoft 365 A3/E3/A5/E5 subscriptions.

Microsoft has published a new advisory warning of a security bypass vulnerability affecting Surface Pro 3 convertible laptops that could be exploited by an adversary to introduce malicious devices within enterprise networks and defeat the device attestation mechanism. As of writing, other Surface devices, including the Surface Pro 4 and Surface Book, have been deemed unaffected, although other non-Microsoft machines using a similar BIOS may be vulnerable.

Microsoft has published an advisory regarding a security feature bypass vulnerability impacting Surface Pro 3 tablets which could allow threat actors to introduce malicious devices within enterprise environments. Device Health Attestation is a cloud and on-premises service that validates TPM and PCR logs for endpoints and informs Mobile Device Management solutions if Secure Boot, BitLocker, and Early Launch Antimalware are enabled, Trusted Boot is correctly signed, and more.

Microsoft has patched a security feature bypass vulnerability impacting Surface Pro 3 tablets, enabling threat actors to introduce malicious devices within enterprise environments. Device Health Attestation is a cloud and on-premises service that validates TPM and PCR logs for endpoints and informs Mobile Device Management solutions if Secure Boot, BitLocker, and Early Launch Antimalware are enabled, Trusted Boot is correctly signed, and more.

Microsoft has been branded as "The world's best malware hoster for about a decade," thanks to abuse of the Office 365 and Live platform, as well as its slow response to reports by security researchers. TheAnalyst noted that a BazarLoader malware campaign was hosting its malware on Microsoft's OneDrive service.

Microsoft is working on a fix for a known issue impacting Windows 11 customers and causing a prompt for admin credentials before every attempt to print. According to Microsoft, this problem impacts Windows environments where the print clients and print servers are in different time zones.

Microsoft has asked system administrators to patch PowerShell 7 against two vulnerabilities allowing attackers to bypass Windows Defender Application Control enforcements and gain access to plain text credentials. PowerShell is a cross-platform solution that provides a command-line shell, a framework, and a scripting language focused on automation for processing PowerShell cmdlets.