windows
New Windows 11 features strengthen security to address evolving cyberthreat landscape
Credit to Author: David Weston| Date: Mon, 20 May 2024 18:00:00 +0000
Today, ahead of the Microsoft Build 2024 conference, we announced a new class of Windows computers, Copilot+ PC. Alongside this exciting new class of computers, we are introducing important security features and updates that make Windows 11 more secure for users and organizations, and give developers the tools to prioritize security.
The post New Windows 11 features strengthen security to address evolving cyberthreat landscape appeared first on Microsoft Security Blog.
Read moreNew Microsoft Incident Response guide helps simplify cyberthreat investigations
Credit to Author: Microsoft Incident Response| Date: Tue, 23 Apr 2024 16:00:00 +0000
Discover how to fortify your organization’s cybersecurity defense with this practical guide on digital forensics from Microsoft’s Incident Response team.
The post New Microsoft Incident Response guide helps simplify cyberthreat investigations appeared first on Microsoft Security Blog.
Read moreAnalyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
Credit to Author: Microsoft Threat Intelligence| Date: Mon, 22 Apr 2024 16:00:00 +0000
Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions. Microsoft has issued a security update addressing this vulnerability as CVE-2022-38028.
The post Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials appeared first on Microsoft Security Blog.
Read moreNote-taking apps and to-do lists with end-to-end encryption | Kaspersky official blog
Credit to Author: Stan Kaminsky| Date: Fri, 05 Apr 2024 14:11:20 +0000
An overview of private and encrypted note-taking apps, to-do lists, and diaries on all platforms.
Read moreFor March's Patch Tuesday, no zero-day flaws
Microsoft this week pushed out 61 Patch Tuesday updates with no reports of public disclosures or other zero-days affecting the larger ecosystem (Windows, Office, .NET). Though there are three updated packages from February, they’re just informational changes with no further action is required.
The team at Readiness has crafted this helpful infographic outlining the risks associated with each of the March updates.
Known issues
Each month, Microsoft publishes a list of known issues that relate to the operating system and platforms included in the latest update cycle; for March, there are two minor issues reported:
Microsoft fixes two zero-days with Patch Tuesday release
Microsoft on Tuesday released 73 updates in its monthly Patch Tuesday release, addressing issues in Microsoft Exchange Server and Adobe and two zero-day flaws being actively exploited in Microsoft Outlook (CVE-2024-21410) and Microsoft Exchange (CVE-2024-21413).
Including the recent reports that the Windows SmartScreen vulnerability (CVE-2024-21351) is under active exploitation, we have added “Patch Now” schedules to Microsoft Office, Windows and Exchange Server. The team at Readiness has provided this detailed infographic outlining the risks associated with each of the updates for this cycle.