Microsoft
New infosec products of the week: May 6, 2022
Here’s a look at the most interesting products from the past week, featuring releases from AuditBoard, BIO-key, Data Theorem, Enpass, Microsoft, N-able, and Uptycs. Microsoft …
Apple, Google and Microsoft expand support for FIDO Alliance’s passwordless sign-in standard
In a joint effort to make the web more secure and usable for all, Apple, Google and Microsoft announced plans to expand support for a common passwordless sign-in standard …
Microsoft announces Microsoft Defender for Business (for SMBs)
Microsoft has announced the stand-alone version of Microsoft Defender for Business, which aims to bring enterprise-grade endpoint security to SMBs, including endpoint …
Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)
Microsoft has unearthed two security vulnerabilities (CVE-2022-29799, CVE-2022-29800) in the networkd-dispatcher daemon that may be exploited by attackers to gain root on many …
Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP! (CVE-2022-26809)
Three days have passed since Microsoft’s latest Patch Tuesday, and CVE-2022-26809 has emerged as the vulnerability with the most exploitation potential. It’s easy …
Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)
On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and …
Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid
The Computer Emergency Response Team of Ukraine (CERT-UA), with the help of ESET and Microsoft security experts, has thwarted a cyber attack by the Sandworm hackers, who tried …
Windows Autopatch: Managed enterprise patching for Windows and Office
While IT administrators are mentally preparing themselves for yet another Patch Tuesday, Microsoft has announced Windows Autopatch: a new service that aims make the second …
April 2022 Patch Tuesday forecast: Spring is in the air (and vulnerable)
March Patch Tuesday releases followed in the footsteps of February with low numbers of CVEs reported and resolved, and all updates rated as important except one critical …
Confluent partners with Microsoft to speed up real-time application development in the cloud
Confluent announced a new strategic partnership agreement with Microsoft, adding greater investments across technology integrations, solution development, and go-to-market …
Microsoft asks bug hunters to probe on-premises Exchange, SharePoint servers
Bug hunters that discover and report high-impact security vulnerabilities in on-premises Exchange, SharePoint and Skype for Business may earn as much as $26,000 per eligible …
Omnispace partners with Microsoft to enhance the performance and reach of mobile wireless networks
Omnispace announced that it is collaborating with Microsoft to deliver its global, hybrid 5G non-terrestrial network (5G NTN) to under-served regions. The two companies will …