Security News

The past four months have exposed two high-profile attacks, which both had pundits declaring them the "Worst-ever" and "Unprecedented." They shared other similarities - both attacked businesses rather than individuals, and affected tens of thousands of organizations. The second hack was against Microsoft Exchange servers and had a more familiar trajectory: Attackers found a series of zero-day vulnerabilities that could be chained together to break into any Exchange servers that were internet-accessible - and steal all the emails and files stored on them.

Microsoft released PowerToys v0.37.0 yesterday with minor improvements and a significant change - it now requires a minimum version of Windows 10 1903. For those unfamiliar with Microsoft PowerToys, they are a set of small freeware utilities created by Windows developers to add extra functionality to Windows 10 or solve everyday tasks.

Security researchers at Microsoft are warning the industry about 25 as-yet undocumented critical memory-allocation vulnerabilities across a number of vendors' IoT and industrial devices that threat actors could exploit to execute malicious code across a network or cause an entire system to crash. Dubbing the newly discovered family of vulnerabilities "BadAlloc," Microsoft's Section 52, which is the Azure Defender for IoT security research group, said the flaws have the potential to affect a wide range of domains, from consumer and medical IoT devices to industry IoT, operational technology, and industrial control systems, according to a report published online Thursday by the Microsoft Security Response Center.

Microsoft researchers on Thursday disclosed two dozen vulnerabilities affecting a wide range of Internet of Things and Operational Technology devices used in industrial, medical, and enterprise networks that could be abused by adversaries to execute arbitrary code and even cause critical systems to crash. "These remote code execution vulnerabilities cover more than 25 CVEs and potentially affect a wide range of domains, from consumer and medical IoT to Industrial IoT, Operational Technology, and industrial control systems," said Microsoft's 'Section 52' Azure Defender for IoT research group.

Microsoft security researchers have discovered over two dozen critical remote code execution vulnerabilities in Internet of Things devices and Operational Technology industrial systems. Threat actors can exploit them to trigger system crashes and execute malicious code remotely on vulnerable IoT and OT systems.

Microsoft has taken a look at memory management code used in a wide range of equipment, from industrial control systems to healthcare gear, and found it can be potentially exploited to hijack devices. Drilling down to the nitty-gritty: Microsoft's Azure Defender for IoT security research group looked at memory allocation functions, such as malloc(), provided by real-time operating systems, standard C libraries, and software development kits all aimed at embedded electronics: that's Internet-of-Things devices, industrial control systems, and so-called operational technology.

Security researchers at Microsoft are raising the alarm for multiple gaping security holes in a wide range of enterprise internet-connected devices, warning that the high-risk bugs expose businesses to remote code execution attacks. According to an advisory from Redmond's Azure Defender for IoT security research group, there are at least 25 documented vulnerabilities affecting a wide range of IoT and operational technology devices in industrial, medical, and enterprise networks.

Microsoft has announced that the Windows 10 May 2021 Update is complete and being prepared for release. Windows Insiders in the 'Beta' and 'Release' channels have been testing this build since April 13th. While Microsoft has not provided a specific date when the May 2021 Update would begin to roll out, it is likely to be released as an optional update during the upcoming May 2021 Patch Tuesday updates.

SharePoint servers are being picked at with high-risk, legitimate-looking, branded phish messages and preyed on by a ransomware gang using an old bug. The phish is targeting Office 365 users with a legitimate-looking SharePoint document that claims to urgently need an email signature.

New Microsoft Graph APIs released today in public preview allow developers and IT professionals to manage Windows 10 updates and expedite Windows 10 security updates in enterprise environments. "By connecting deployment service capabilities with Microsoft Graph, app developers can easily build rich update management tools and extend these experiences with contextual user data," Microsoft Principal Program Manager David Mebane explained.