Security News

Microsoft this week announced that Safe Documents and Application Guard, two security capabilities introduced last fall, are now available to more of its Office 365 ProPlus customers. At Ignite 2019, Microsoft announced Application Guard's integration with 365 ProPlus to deliver container-based isolation for Office applications, to completely block attackers' access to resources such as memory, local storage, applications, and corporate network endpoints.

Finding what cloud services employees are using is half the battle-integrating Microsoft Cloud App Security and Defender Advanced Threat Protection lets you track, block, or audit cloud app usage. Microsoft Cloud App Security now includes a shadow IT discovery tool that integrates with Defender ATP to discover cloud app and service usage on any managed device.

Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer that is actively being exploited. A dozen of the vulnerabilities Microsoft patched today are rated "Critical," meaning malware or miscreants could exploit them remotely to gain complete control over an affected system with little to no help from the user.

Microsoft had one of its largest patch bundles in recent memory, as the Windows giant released fixes for 99 CVE-listed vulnerabilities. These include two elevation of privilege bugs in Windows Installer, a security bypass in Secure Boot, and an information disclosure vulnerability in Edge and IE. Once again, Remote Desktop was cause for alarm as patches for two remote code execution flaws in the client-side of the administration tool will need to be tested and installed when possible.

Microsoft has issued one of its largest Patch Tuesday updates for the shortest month of the year, addressing 99 security vulnerabilities across a range of products. The update includes a patch for the zero-day memory-corruption vulnerability disclosed in late January that's under active attack.

To mark the occasion, Microsoft has released fixes for 99 vulnerabilities - 12 critical, one of which is being exploited in the wild - and Adobe 42, most of which are critical and none actively exploited. Microsoft fixed nearly 100 vulnerabilities this Tuesday, interspersed through a number of products: Windows, Edge, IE, SQL Server, Exchange Server, Office, and more.

Microsoft disclosed the existence of the Internet Explorer zero-day on January 17, when it promised to release patches and provided a workaround. Microsoft has credited Google's Threat Analysis Group and Chinese cybersecurity firm Qihoo 360 for reporting the vulnerability.

A few hours after Adobe today released security updates for five of its widely-distributed software, Microsoft also issued its February 2020 Patch Tuesday edition with patches for a total of 99 new vulnerabilities. All supported versions of Microsoft Windows also contain a critical RCE flaw that an attacker with a domain user account can exploit to execute arbitrary code on the targeted system with elevated permissions.

A few hours after Adobe today released security updates for five of its widely-distributed software, Microsoft also issued its February 2020 Patch Tuesday edition with patches for a total of 99 new vulnerabilities. All supported versions of Microsoft Windows also contain a critical RCE flaw that an attacker with a domain user account can exploit to execute arbitrary code on the targeted system with elevated permissions.

ZeroFOX, the leading provider of public attack surface protection, announced it has extended its artificial intelligence powered platform to now include advanced protection capabilities to solve intractable challenges in the cloud email security market and complement existing email security. The ZeroFOX Advanced Email Protection suite includes capabilities that address Business Email Compromise Protection for Google's G Suite and Microsoft's Office 365 platforms, which identifies impersonation-based attacks targeting employees.