Senator Blasts Microsoft for Negligence in 365 Email Breach
In a letter to the DoJ, FTC and CISA, Oregon's Wyden also called for Microsoft to be held accountable in the sprawling SolarWinds breach.
Microsoft software and cloud platforms underpin enterprise systems, so vulnerabilities and security advisories can affect identity, data, and operations.
Search across headline titles and summaries.
Background for this topic.
Microsoft is a technology company whose Windows, Microsoft 365, Azure, identity services, and developer tools form a widely deployed enterprise computing ecosystem. Its security relevance spans endpoint and server software, cloud control planes, authentication, collaboration data, and the update mechanisms used to maintain them.
Security news under this tag commonly concerns vulnerabilities requiring patching, exploits against exposed services, identity or token compromise, and misconfiguration of cloud permissions or authentication policies. Practitioners should verify affected versions and exposure, apply updates or mitigations, enforce multifactor authentication and least privilege, and monitor relevant audit logs. Incidents involving Microsoft-hosted identities or data may require rapid session and credential containment, investigation across cloud and on-premises systems, and assessment of privacy or regulatory obligations.
In a letter to the DoJ, FTC and CISA, Oregon's Wyden also called for Microsoft to be held accountable in the sprawling SolarWinds breach.
Microsoft Edge web browser has been displaying security warnings after Twitter changed its name to 'X'. It's got to do with a security feature dubbed 'Progressive Web App Icon change', designed to keep users safe during app icon or name changes. [...]
In an open letter, Senator Ron Wyden urged federal agencies to investigate Microsoft following a Chinese campaign that compromised US government emails
A legitimate Windows search feature is being exploited by malicious actors to download arbitrary payloads from remote servers and compromise targeted systems with remote access trojans such as AsyncRAT and Remcos RAT
Four generative AI pioneers launched the Frontier Model Forum, which will focus on ‘safe and responsible’ creation of new AI models
Microsoft announced the public preview of a new Defender for IoT feature that helps analyze the firmware of embedded Linux devices like routers for security vulnerabilities and common weaknesses. [...]
Microsoft has released the July 2023 optional cumulative update for Windows 11, version 22H2, with fixes for 27 issues, including ones affecting VPN performance and display or audio devices. [...]
Microsoft has released the optional KB5028244 Preview cumulative update for Windows 10 22H2 with 19 fixes or changes, including an update to the Vulnerable Driver Blocklist to block BYOVD attacks. [...]
Microsoft has fixed a known issue causing video recording and playing failures in some apps on Windows 10 and Windows 11 systems. [...]
Microsoft has fixed a known issue causing video recording and playing failures in some apps on Windows 10 and Windows 11 systems. [...]
Microsoft is investigating a known issue causing Microsoft 365 customers to experience significant delays when saving attachments in Outlook Desktop to a network share. [...]
FortiGuard Labs described the vulnerabilities in an advisory published on Monday
Microsoft Sharepoint and OneDrive for Business were briefly interrupted today after a German TLS certificate was mistakenly added to the main .com domains for the Microsoft 365 services. [...]
The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for malware distribution. [...]
Microsoft shared a workaround for Outlook Desktop blocking attempts to open IP address or fully qualified domain name (FQDN) hyperlinks after installing this month's security updates. [...]
Amazon, Anthropic, Google, Inflection, Meta, Microsoft and OpenAI all joined the initiative
Zero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks
As Microsoft prepares for the imminent rollout of Windows 11 23H2, they've been developing various innovative features designed to improve user experience, streamline workflows, and introduce next-generation functionalities. This article will explore new features, from dynamic lighting to Windows Copilot upgrades. [...]
Microsoft is further enhancing the Windows 11 Enhanced Phishing Protection by testing a new feature that warns users when they copy and paste their Windows password into websites and documents. [...]