Microsoft Archives

Microsoft discloses Office zero-day, still working on a patch

Posted on August 9, 2024 by Onsite Computing, Inc.

Microsoft has disclosed a high-severity zero-day vulnerability affecting Office 2016 and later, which is still waiting for a patch. […] Go to Source Author: Sergiu Gatlan

Continue reading →

Microsoft: Exchange 2016 reaches extended end of support in October

Posted on August 8, 2024 by Onsite Computing, Inc.

Microsoft reminded today that Exchange 2016 will reach the end of extended support next year on October 14 and shared guidance for admins who need to decommission outdated servers. […] Go to Source Author: Sergiu Gatlan

Continue reading →

Microsoft, Security

Windows Update downgrade attack “unpatches” fully-updated systems

Posted on August 7, 2024 by Onsite Computing, Inc.

SafeBreach security researcher Alon Leviev discovered a Windows Update downgrade attack that can “unpatch” fully-updated Windows 10, Windows 11, and Windows Server systems to reintroduce old vulnerabilities […] Go to Source Author: Sergiu Gatlan

Continue reading →

Microsoft, Security

Microsoft 365 anti-phishing feature can be bypassed with CSS

Posted on August 7, 2024 by Onsite Computing, Inc.

Researchers have demonstrated a method to bypass an anti-phishing measure in Microsoft 365 (formerly Office 365), elevating the risk of users opening malicious emails.` […] Go to Source Author: Bill Toulas

Continue reading →

Microsoft

Microsoft Azure outage takes down services across North America

Posted on August 5, 2024 by Onsite Computing, Inc.

Microsoft has mitigated an Azure outage that lasted more than two hours and took down multiple services for customers across North and Latin America. […] Go to Source Author: Sergiu Gatlan

Continue reading →

Microsoft, Security

Windows Smart App Control, SmartScreen bypass exploited since 2018

Posted on August 5, 2024 by Onsite Computing, Inc.

A design flaw in Windows Smart App Control and SmartScreen that enables attackers to launch programs without triggering security warnings has been under exploitation since at least 2018. […] Go to Source Author: Sergiu Gatlan

Continue reading →

Microsoft

Microsoft says massive Azure outage was caused by DDoS attack

Posted on July 31, 2024 by Onsite Computing, Inc.

Microsoft confirmed today that a nine-hour outage on Tuesday that took down and disrupted multiple Microsoft 365 and Azure services worldwide was triggered by a distributed denial-of-service (DDoS) attack. […] Go to Source Author: Sergiu Gatlan

Continue reading →

Microsoft

Microsoft 365 and Azure outage takes down multiple services

Posted on July 30, 2024 by Onsite Computing, Inc.

Microsoft is investigating an ongoing and widespread outage blocking access to some Microsoft 365 and Azure services. […] Go to Source Author: Sergiu Gatlan

Continue reading →

Microsoft, Security

New Specula tool uses Outlook for remote code execution in Windows

Posted on July 29, 2024 by Onsite Computing, Inc.

Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named “Specula,” released today by cybersecurity firm TrustedSec. […] Go to Source Author: Sergiu Gatlan

Continue reading →

Microsoft

Microsoft: Ransomware gangs exploit VMware ESXi auth bypass in attacks

Posted on July 29, 2024 by Onsite Computing, Inc.

Microsoft warned today that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in attacks. […] Go to Source Author: Sergiu Gatlan

Continue reading →