Security News
Microsoft has released the KB4577586 update to remove Adobe Flash from Windows and prevents it from being installed again. In September 2020, Microsoft announced that an optional update would be released in the fall to uninstall Adobe Flash Player and prevent it from being installed again on the same device.
On average, 50% of users at enterprises running Microsoft 365 are not managed by default security policies within the platform, according to CoreView. Microsoft 365 administrators fail to implement basic security like MFA. The survey research shows that approximately 78% of Microsoft 365 administrators do not have multi-factor authentication activated.
On Monday, Microsoft hastened its IE-to-Edge browser-transition strategy and announced new controls for users and IT staff when it comes to how the lame-duck browser will handle a growing list of websites incompatible with IE. Those include YouTube, Twitter, Yahoo Mail and 1,153 other leading internet destinations. As a point of reference, the Microsoft Edge web browser comes built into Windows 10.
Microsoft is currently throttling Windows 10, version 20H2 availability to provide all users who want to upgrade with a positive experience while downloading and upgrading the OS. After Windows 10 20H2 was released on October 20, it immediately started rolling out to users who manually check for updates via Windows Update on devices running Windows 10 1903 or later. According to Microsoft's 20H2 feature update support page, customers need to have the Windows 10 2004 Servicing Stack Update and KB4579311 or later installed before upgrading.
Microsoft has improved password spray detection in Azure Active Directory by doubling the number of compromised accounts it detects using a new machine learning system. Microsoft built a heuristic engine focused on detecting password spray attack, which helped the company to spot and alert tenants of hundreds of thousands of attacks each month.
A massive data breach suffered by the Nitro PDF service impacts many well-known organizations, including Google, Apple, Microsoft, Chase, and Citibank. On October 21st, Nitro Software issued an advisory to the Australia Stock Exchange, stating that they were affected by a "Low impact security incident" but that no customer data was impacted.
Microsoft is taking further steps to kill off the antiquated Internet Explorer in favor of its new Chromium-based Microsoft Edge browser. Starting in recent versions of Microsoft Edge, when Internet Explorer visits an incompatible site, the browsing session will automatically be launched in Microsoft Edge to continue the browsing session.
Emotet switched to a new template this week that pretends to be a Microsoft Office message stating that Microsoft Word needs to be updated to add a new feature. Emotet is a malware infection that spreads through emails containing Word documents with malicious macros.
Emotet switched to a new template this week that pretends to be a Microsoft Office message stating that Microsoft Word needs to be updated to add a new feature. Emotet is a malware infection that spreads through emails containing Word documents with malicious macros.
Microsoft is investigating errors and issues affecting Windows 10 devices with certain versions of Conexant or Synaptics audio device drivers, Microsoft IME, and third-party drivers. Microsoft is currently rolling out Windows 10 20H2 to all seekers who check for updates via Settings on devices running Windows 10 1903 or later.