Microsoft

Microsoft Patches Windows DogWalk zero-day Exploited in Attacks Microsoft has released security updates to address a high severity Windows zero-day vulnerability with publicly available exploit code and abused in attacks. Fixed as part of the August 2022 Patch Tuesday, this security flaw is now tracked CVE-2022-34713 and has been jokingly Read more…

Microsoft August 2022 Patch Tuesday Fixes Exploited zero-day, 121 Flaws Today is Microsoft’s August 2022 Patch Tuesday, and with it comes fixes for the actively exploited ‘DogWalk’ zero-day vulnerability and a total of 121 flaws. Seventeen of the 121 vulnerabilities fixed in today’s update are classified as ‘Critical’ as they allow remote Read more…

Microsoft Edge Gets Better Security Defaults on Less Popular Sites Microsoft is rolling out a new update to the Microsoft Edge Stable Channel over the coming days to improve the web browser’s security defaults when visiting less popular websites. Starting with version 104.0.1293.47, Edge will toggle on the “Basic” level Read more…

Microsoft Accounts Targeted with New MFA-bypassing Phishing Kit A new large-scale phishing campaign targeting credentials for Microsoft email services use a custom proxy-based phishing kit to bypass multi-factor authentication. Researchers believe the campaign’s goal is to breach corporate accounts to conduct BEC (business email compromise) attacks, diverting payments to bank Read more…

Microsoft Rolling Out Fix for Windows 10 Language Bar Issues Microsoft has addressed a known issue triggered by recent Windows 10 updates that caused the Input Indicator and Language Bar not to appear in the notification area. This known issue affects devices running Windows 10 version 20H2, 21H1, and 21H2, Read more…

Microsoft Defender Now Better at Blocking Ransomware on Windows 11 Microsoft has released new Windows 11 builds to the Beta Channel with improved Microsoft Defender for Endpoint ransomware attack blocking capabilities. As the company added, starting with today’s builds (22621.450 and 22622.450), the enterprise endpoint security platform also gets better at Read more…

Microsoft Announces New External Attack Surface Audit Tool Microsoft has announced a new security product allowing security teams to spot Internet-exposed resources in their organization’s environment that attackers could use to breach their networks. The focus is on unmanaged or unknown assets added to the environment after mergers or acquisitions, Read more…

Microsoft Defender Experts for Hunting Now Generally Available Microsoft Defender Experts for Hunting, a new managed security service for Microsoft 365 Defender customers, is now generally available. Announced in May, Defender Experts for Hunting provides businesses that already have Security Operation Centers (SOCs) but are also willing to pay for additional help to Read more…

Microsoft Outlook is Crashing when Reading Uber Receipt Emails Microsoft says the Outlook email client will crash when opening and reading emails with tables such as Uber receipt emails. “When opening, replying, or forwarding some emails that include complex tables, Outlook stops responding,” the company explains in a support document. Read more…

Microsoft Links Raspberry Robin Malware to Evil Corp Attacks Microsoft has discovered that an access broker it tracks as DEV-0206 uses the Raspberry Robin Windows worm to deploy a malware downloader on networks where it also found evidence of malicious activity matching Evil Corp tactics. “On July 26, 2022, Microsoft researchers Read more…