Security News

Microsoft has released a one-click Exchange On-premises Mitigation Tool tool to allow small business owners to easily mitigate the recently disclosed ProxyLogon vulnerabilities. This month, Microsoft disclosed that four zero-day vulnerabilities were being actively used in attacks against Microsoft Exchange.

Starting at approximately 3:34 PM EST, users began reporting being unable to login to their Microsoft 365 accounts, Microsoft Teams, or access other Microsoft apps. "As a result of the issues currently facing Azure AAD, we are currently experiencing problems on the Microsoft Tech Community with login and authentication. This will result in users being unable to login and users already logged in getting unexpected errors as sessions timeout," posted a Microsoft Tech Community manager.

Microsoft has addressed a known issue causing memory or disk space errors when opening some documents using Microsoft Word, Microsoft Excel, or other Microsoft Office apps. This known issue only affects customers who have installed Microsoft Office apps from the Microsoft Store and are trying to open an Office document that triggers the Protected View feature.

Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon and three other vulnerabilities patched by Microsoft in early March. A. Human operated ransomware attacks are utilizing the Microsoft Exchange vulnerabilities to exploit customers.

Intelligence agencies and cybersecurity researchers had been warning that unpatched Exchange Servers could open the pathway for ransomware infections in the wake of swift escalation of the attacks since last week. According to the latest reports, cybercriminals are leveraging the heavily exploited ProxyLogon Exchange Server flaws to install a new strain of ransomware called "DearCry."

Over the past year, Microsoft has quietly released new built-in Windows 10 command-line applications and free Microsoft Store apps that enhance the operating system's functionality. Microsoft did not officially announce these new tools in some cases, and they were discovered by users instead. In this article, we're going to highlight these new programs and other apps so power-users can take greater control over Windows 10.

Since Microsoft disclosed actively exploited Microsoft Exchange security vulnerabilities, known collectively as ProxyLogon, administrators and security researchers have been scrambling to protect vulnerable servers exposed on the Internet. The PoC provided enough information that security researchers and threat actors could use it to develop a functional remote code execution exploit for Microsoft Exchange servers.

Major 'Stable' versions of Microsoft Edge will now be released every four weeks to synchronize with the new four-week release cycle announced by Google Chrome. This month, Google announced they were switching from a six-week release cycle to a four-week cycle after improving their testing and release process.

Update: Microsoft has released out-of-band non-security updates to address the Windows 10 printing crash issue. Microsoft has provided a temporary fix for the Windows 10 blue screen crashes plaguing customers when printing after installing the March 2021 cumulative updates.

Software giant Microsoft Corp. has launched an investigation to determine whether one of its flagship information-sharing programs sprung a leak that led to the widespread exploitation of Exchange server deployments around the world. According to a bombshell report in the Wall Street Journal, Redmond is looking closely at its Microsoft Active Protections Program to figure out if an anti-malware partner in China leaked proof-of-concept code ahead of the availability of security updates.