Security News

Microsoft Corp. today released software updates to plug four security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The patches released today fix security problems in Microsoft Exchange Server 2013, 2016 and 2019.

Microsoft says that Windows Server 2022 will come with security improvements and will bring Secured-core to the Windows Server platform. Windows Server 2022 is now in preview and "Provides secured connectivity enabled by industry-standard AES 256 encryption," as Microsoft announced today.

Microsoft adds new security, privacy, and compliance features to the Microsoft Teams chat and collaboration solution, including end-to-end encryption support for one-on-one voice calls. Microsoft Teams is a cloud collaboration platform designed to allow an organization's team to stay organized and communicate via text, audio, and video, all in one place.

Microsoft announced the addition of Threat Analytics for Microsoft 365 Defender customers and the roll-out of Microsoft 365 Insider Risk Management Analytics, both in public preview. Microsoft 365 Defender is an enterprise defense suite for cross-domain security that helps security teams to stop attacks and coordinate threat protection for devices, identity, data, and applications.

Microsoft is believed to be working on a new virtualized desktop experience called 'Cloud PC' to help administrators deploy and manage Windows 10 PCs in the cloud via web browser, mobile app or another PC. Cloud PC will also allow Microsoft to handle your organization's device configuration by applying updates security improvements regularly, and offer managed support. Cloud PC is based on Azure and Windows Virtual Desktop and it won't replace any version of Windows.

The National Security Agency and Microsoft are advocating for the Zero Trust security model as a more efficient way for enterprises to defend against today's increasingly sophisticated threats. Google implemented zero-trust security concepts following Operation Aurora in 2009 for an internal project that became BeyondCorp. Zero Trust defense for critical networks.

Microsoft has fixed a Windows 10 bug that could cause NTFS volumes to become corrupted by merely accessing a particular path or viewing a specially crafted file. Windows then prompts the user to reboot the computer and run chkdsk to fix the corruption.

Microsoft on Thursday announced the open source availability of CodeQL queries that it used during its investigation into the SolarWinds attack. The company has released the source code of CodeQL queries, which it used to analyze its code at scale and identify any code-level indicators of compromise associated with Solorigate.

Lunavi announces the launch of its new Azure Adoption Program aligned with the Microsoft Cloud Adoption Framework. The program helps enterprise customers rapidly transition from their current on-premise infrastructure to a secure Azure cloud environment that takes advantage of best practices in security, governance, and optimization.

Microsoft is no longer treating possibly the most unused folder, 3D Objects, as a special folder in File Explorer. As a place to store all those 3D object files that Microsoft thought people would be downloading, they created a '3D Objects' folder in each user's user profile directory.