Microsoft OneNote to get enhanced security after recent malware abuse
Microsoft is working on introducing improved protection against phishing attacks pushing malware via malicious Microsoft OneNote files. [...]
Microsoft software and cloud platforms underpin enterprise systems, so vulnerabilities and security advisories can affect identity, data, and operations.
Search across headline titles and summaries.
Background for this topic.
Microsoft is a technology company whose Windows, Microsoft 365, Azure, identity services, and developer tools form a widely deployed enterprise computing ecosystem. Its security relevance spans endpoint and server software, cloud control planes, authentication, collaboration data, and the update mechanisms used to maintain them.
Security news under this tag commonly concerns vulnerabilities requiring patching, exploits against exposed services, identity or token compromise, and misconfiguration of cloud permissions or authentication policies. Practitioners should verify affected versions and exposure, apply updates or mitigations, enforce multifactor authentication and least privilege, and monitor relevant audit logs. Incidents involving Microsoft-hosted identities or data may require rapid session and credential containment, investigation across cloud and on-premises systems, and assessment of privacy or regulatory obligations.
Microsoft is working on introducing improved protection against phishing attacks pushing malware via malicious Microsoft OneNote files. [...]
Microsoft's Security Intelligence team recently investigated a business email compromise (BEC) attack and found that attackers move rapidly, with some steps taking mere minutes. [...]
Threat actors linked to the IceFire ransomware operation are now actively targeting Linux systems worldwide with a new dedicated encryptor. [...]
Microsoft says the latest Windows 11 build that is rolling out to Insiders in the Canary channel will try to enable Local Security Authority (LSA) protection by default. [...]
Microsoft has released a new Windows 11 preview build with new features such as File Explorer access keys, a new VPN status indicator, and a new way to copy two-factor authentication (2FA) codes from text messages. [...]
Nvidia has released a display driver hotfix to address recently reported high CPU usage and blue screen issues on Windows 10 and Windows 11 systems. [...]
Microsoft says the Excel spreadsheet software is now blocking untrusted XLL add-ins by default in Microsoft 365 tenants worldwide. [...]
Microsoft has shared a fix for Outlook sign-in errors encountered by iOS and Android users with mailboxes in some Exchange environments. [...]
Nvidia confirmed today that it's working to fix a driver issue causing high CPU usage and blue screens of death (BSODs) on Windows systems. [...]
A new phishing campaign targets organizations in Eastern European countries with the Remcos RAT malware with aid from an old Windows User Account Control bypass discovered over two years ago. [...]
Microsoft says its Outlook for Mac email and calendar client is now available for free, and it will no longer require an Office license or a Microsoft 365 subscription to be used. [...]
A proof-of-concept for CVE-2023-21716, a critical vulnerability in Microsoft Word that allows remote code execution, has been published over the weekend. [...]
Microsoft is adding a new Canary channel to its nine-year-old Windows Insider Program to let the most fearless users test what it describes as "hot off the presses" features. [...]
The seemingly innocuous Microsoft OneNote file has become a popular file format used by hackers to spread malware and breach corporate networks. Here's how to block malicious OneNote phishing attachments from infecting Windows. [...]
Microsoft is testing a new and modern-looking Windows 11 volume mixer accessible via the taskbar Quick Settings panel that helps adjust the volume on a per-app basis and switch between audio devices. [...]