Microsoft expands Start menu ads test with new ‘treatments’
Microsoft is testing new ads in the Windows Start menu, or what it describes as "new treatments," for users logged into local accounts as part of a "badging" expansion. [...]
Microsoft software and cloud platforms underpin enterprise systems, so vulnerabilities and security advisories can affect identity, data, and operations.
Search across headline titles and summaries.
Background for this topic.
Microsoft is a technology company whose Windows, Microsoft 365, Azure, identity services, and developer tools form a widely deployed enterprise computing ecosystem. Its security relevance spans endpoint and server software, cloud control planes, authentication, collaboration data, and the update mechanisms used to maintain them.
Security news under this tag commonly concerns vulnerabilities requiring patching, exploits against exposed services, identity or token compromise, and misconfiguration of cloud permissions or authentication policies. Practitioners should verify affected versions and exposure, apply updates or mitigations, enforce multifactor authentication and least privilege, and monitor relevant audit logs. Incidents involving Microsoft-hosted identities or data may require rapid session and credential containment, investigation across cloud and on-premises systems, and assessment of privacy or regulatory obligations.
Microsoft is testing new ads in the Windows Start menu, or what it describes as "new treatments," for users logged into local accounts as part of a "badging" expansion. [...]
Windows LAPS and legacy LAPS don't play nicely under certain conditions, Microsoft says Integrating the Local Administrator Password Solution (LAPS) into Windows and Windows Server that came with updates earlier this week is causing interoperability problems with what's called legacy LAPS, Microsoft says.…
The Russia-linked APT29 (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa
Redmond expands a digital ID process for its platform as Musk seeks cash for blue check marks As Elon Musk tears at Twitter's credibility by demanding businesses and individuals pay for their blue verification checks, Microsoft is pushing ts own free digital ID technology to companies and their employees on LinkedIn.…
Microsoft is warning of a phishing campaign targeting accounting firms and tax preparers with remote access malware allowing initial access to corporate networks. [...]
Microsoft is investigating an interoperability bug between the recently added Windows Local Administrator Password Solution (LAPS) feature and legacy LAPS policies. [...]
Windows 11 is getting a new privacy setting that allows users to control whether applications can detect when actively interacting with the device. [...]
Microsoft is working on fixing an issue affecting some Outlook for Microsoft 365 customers and preventing them from accessing emails and their calendars. [...]
The Transparent Tribe threat actor has been linked to a set of weaponized Microsoft Office documents in attacks targeting the Indian education sector using a continuously maintained piece of malware called Crimson RAT
Researchers at Microsoft have discovered links between a threat group tracked as DEV-0196 and an Israeli private-sector company, QuaDream, that sells a platform for exfiltrating data from mobile devices.
Security researchers and experts warn of a critical vulnerability in the Windows Message Queuing (MSMQ) middleware service patched by Microsoft during this month's Patch Tuesday and exposing hundreds of thousands of systems to attacks. [...]
Microsoft has shared guidance to help organizations check if hackers targeted or compromised machines with the BlackLotus UEFI bootkit by exploiting the CVE-2022-21894 vulnerability. [...]
Microsoft has introduced a new update to Bing.com that includes a significant change in its search results — the addition of ChatGPT responses to search queries. [...]
Is Secure Boot without the Secure just "Boot"?
It is one of around 100 software flaws addressed this month
It's the second Tuesday of the month, and Microsoft has released another set of security updates to fix a total of 97 flaws impacting its software, one of which has been actively exploited in ransomware attacks in the wild
Enterprise communications service provider 3CX confirmed that the supply chain attack targeting its desktop application for Windows and macOS was the handiwork of a threat actor with North Korean nexus
It's not all doom and gloom because ML also amplifies defensive efforts, probably Bots like ChatGPT may not be able to pull off the next big Microsoft server worm or Colonial Pipeline ransomware super-infection but they may help criminal gangs and nation-state hackers develop some attacks against IT, according to Rob Joyce, director of the NSA's Cybersecurity Directorate.…
Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day vulnerabilities that are being used to attack iPhones, iPads and Macs.
Plus Google, SAP, Adobe and Cisco emit fixes Microsoft patched 97 security flaws today for April's Patch Tuesday including one that has already been found and exploited by miscreants attempting to deploy Nokoyawa ransomware.…