Microsoft: The new Windows 11 features from Build 2022
During the Build 2022 developer conference, Microsoft announced a number of new features for Windows 11, including an improved Windows Subsystem for Android (WSA) and more. [...]
Microsoft software and cloud platforms underpin enterprise systems, so vulnerabilities and security advisories can affect identity, data, and operations.
Search across headline titles and summaries.
Background for this topic.
Microsoft is a technology company whose Windows, Microsoft 365, Azure, identity services, and developer tools form a widely deployed enterprise computing ecosystem. Its security relevance spans endpoint and server software, cloud control planes, authentication, collaboration data, and the update mechanisms used to maintain them.
Security news under this tag commonly concerns vulnerabilities requiring patching, exploits against exposed services, identity or token compromise, and misconfiguration of cloud permissions or authentication policies. Practitioners should verify affected versions and exposure, apply updates or mitigations, enforce multifactor authentication and least privilege, and monitor relevant audit logs. Incidents involving Microsoft-hosted identities or data may require rapid session and credential containment, investigation across cloud and on-premises systems, and assessment of privacy or regulatory obligations.
During the Build 2022 developer conference, Microsoft announced a number of new features for Windows 11, including an improved Windows Subsystem for Android (WSA) and more. [...]
Hackers are showing an increased interest in the Windows Subsystem for Linux (WSL) as an attack surface as they build new malware, the more advanced samples being suitable for espionage and downloading additional malicious modules. [...]
Four high severity vulnerabilities have been disclosed in a framework used by pre-installed Android System apps with millions of downloads
Microsoft security researchers have found high severity vulnerabilities in a framework used by Android apps from multiple large international mobile service providers. [...]
Microsoft has announced that it will force enable stricter secure default settings known as 'security defaults' on all existing Azure Active Directory (Azure AD) tenants starting in late June 2022. [...]
And that's a bit odd, says Red Canary A strain of Windows uses PowerShell to add a malicious extension to a victim's Chrome browser for nefarious purposes. A macOS variant exists that uses Bash to achieve the same and also targets Safari.…
Microsoft Dev Box will make it easier for developers and hybrid teams to get up and running with workstations already preconfigured with required applications and tools.
Microsoft's Windows Hardware Compatibility Program has confirmed that Windows 11 22H2 build 22621 is the Released to Manufacturing (RTM) build, meaning that the development of Window's 11 next feature update is ready for release. [...]
This week's Windows optional cumulative update previews have introduced a compatibility issue with some of Trend Micro's security products that breaks some of their capabilities, including the ransomware protection feature. [...]
Microsoft has shared guidance to help admins defend their Windows enterprise environments against KrbRelayUp attacks that enable attackers to gain SYSTEM privileges on Windows systems with default configurations. [...]
Microsoft has announced that Windows Subsystem for Linux (WSL2) distros are now supported on Windows Server 2022 after installing this week's cumulative update previews. [...]
Microsoft has improved the account settings in the latest Windows 11 preview build, a settings page that now lists Office subscriptions linked to the user's Microsoft 365 account. [...]
Occasional gaping hole and overprivileged users still blight the Beast of Redmond Despite a record number of publicly disclosed security flaws in 2021, Microsoft managed to improve its stats, according to research from BeyondTrust.…
Microsoft has released optional cumulative update previews for Windows 11, Windows 10 version 1809, and Windows Server 2022, with fixes for Direct3D issues impacting client and server systems. [...]
The privacy-focused DuckDuckGo browser purposely allows Microsoft trackers on third-party sites due to an agreement in their syndicated search content contract between the two companies. [...]
But there was a substantial drop in the overall number of critical vulnerabilities that the company disclosed last year, new analysis shows.
Hackers are targeting Russian government agencies with phishing emails that pretend to be Windows security updates and other lures to install remote access malware. [...]
Microsoft's security researchers have observed a worrying trend in credit card skimming, where threat actors employ more advanced techniques to hide their malicious info-stealing code. [...]
Company to debut its AD capabilities at the 2022 RSA Conference.
Crafty file names, encrypted malicious code, Office flaws – ah, it's like the Before Times HP's cybersecurity folks have uncovered an email campaign that ticks all the boxes: messages with a PDF attached that embeds a Word document that upon opening infects the victim's Windows PC with malware by exploiting a four-year-old code-execution vulnerability in Microsoft Office.…