Security News

Microsoft deprecates Windows DirectAccess, recommends Always On VPN
2024-06-12 15:05

Microsoft has announced that the DirectAccess remote access solution is now deprecated and will be removed in a future release of Windows, recommending companies migrate to the 'Always On VPN' for enhanced security and continued support. DirectAccess is a bidirectional remote access technology introduced by Microsoft in Windows 7 and Windows Server 2008 R2, providing domain-joined remote users an "Always on" connection to internal corporate networks without using VPN connections.

Microsoft launches cybersecurity program to tackle attacks, protect rural hospitals
2024-06-12 09:51

Microsoft has unveiled a new cybersecurity program to support hospitals serving more than 60 million people living in rural America. In 2023, the healthcare sector reported more ransomware attacks than any other critical infrastructure sector and attacks involving ransomware against the healthcare sector were up nearly 130%. Cybersecurity attacks disrupt health care operations across the country and pose a direct threat to patient care and essential operations of hospitals.

Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability
2024-06-12 04:26

Microsoft has released security updates to address 51 flaws as part of its Patch Tuesday updates for June 2024. Of the 51 vulnerabilities, one is rated Critical and 50 are rated Important. This is...

Let's kick off our summer with a pwn-me-by-Wi-Fi bug in Microsoft Windows
2024-06-12 00:29

Patch Tuesday Microsoft kicked off our summer season with a relatively light June Patch Tuesday, releasing updates for 49 CVE-tagged security flaws in its products - including one bug deemed critical, a fairly terrifying one in wireless networking, and one listed as publicly disclosed. It could allow a remote, unauthenticated attacker to execute arbitrary code by sending a specially crafted malicious MSMQ packet to a vulnerable Windows system, such as a Windows Server box.

Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103)
2024-06-11 19:49

June 2024 Patch Tuesday is here and Microsoft has delivered fixes for a critical MSMQ flaw and a RCE vulnerability in Microsoft Outlook. CVE-2024-30080 is a use after free flaw affecting Microsoft Message Queuing and can be exploited by unauthenticated attackers by sending a specially crafted malicious MSMQ packet to a MSMQ server.

Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs
2024-06-11 17:31

Today is Microsoft's June 2024 Patch Tuesday, which includes security updates for 51 flaws, eighteen remote code execution flaws, and one publicly disclosed zero-day vulnerability. This Patch Tuesday fixed 18 RCE flaws but only one critical vulnerability, a remote code execution vulnerability in Microsoft Message Queuing.

Azure Service Tags Vulnerability: Microsoft Warns of Potential Abuse by Hackers
2024-06-10 11:20

Microsoft is warning about the potential abuse of Azure Service Tags by malicious actors to forge requests from a trusted service and get around firewall rules, thereby allowing them to gain...

Microsoft Revamps Controversial AI-Powered Recall Feature Amid Privacy Concerns
2024-06-08 06:54

Microsoft on Friday said it will disable its much-criticized artificial intelligence (AI)-powered Recall feature by default and make it an opt-in. Recall, currently in preview and coming...

Defiant Microsoft pushes ahead with controversial Recall – tho as an opt-in
2024-06-07 19:40

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Windows Recall will be opt-in and the data more secure, Microsoft says
2024-06-07 19:01

The insistent public complaints and proof-of-concept tools have have borne fruit: Microsoft has realized that the security of its recently previewed Windows Recall feature leaves much to be desired, and has announced important changes. A few weeks ago, Microsoft presented Copilot+ PCs, a new line of computers powered by Windows 11 and delivering some specific new features.