Microsoft – Page 6 – PossibleThreat Articles

Patch Tuesday: Microsoft rolls out 90 updates for Windows, Office

August 11, 2023 0 Comments Microsoft, Microsoft Office, Security, small and medium business, Windows

With its August Patch Tuesday release, Microsoft pushed out 90 updates for the Windows and Office platforms. The latest fixes include another update for Microsoft Exchange (along with with a warning about failed updates to Exchange Server 2016 and 2019) and a “Patch Now” recommendation from us for Office.

The team at Application Readiness has crafted this useful infographic outlining the risks associated with each of the updates for this month.

To read this article in full, please click here

Security Sophos

A piñata of patches for Microsoft in August

August 9, 2023 0 Comments amd, cve-2023-20569, cve-2023-38180, featured, Microsoft, Patch Tuesday, threat research

Credit to Author: Angela Gunn| Date: Wed, 09 Aug 2023 18:28:41 +0000

A lighter month than July with just 73 fixes on tap, but a phalanx of advisories and third-party alerts will keep sysadmins bashing away

Security Sophos

Microsoft Patch Tuesday: 74 CVEs plus 2 “Exploit Detected” advisories

August 9, 2023 0 Comments Microsoft, Patch Tuesday, vulnerability, zero day

Credit to Author: Paul Ducklin| Date: Wed, 09 Aug 2023 18:34:44 +0000

74 CVEs, and two “Exploitation Detected” advisories, which are nearly but not quite the same as 0-days. Also, two potential Teams treacheries that you really want to fix.

Independent Krebs Security

Microsoft Patch Tuesday, August 2023 Edition

August 8, 2023 0 Comments Adobe, cve-2023-21709, cve-2023-36884, cve-2023-36910, cve-2023-38180, immersive labs, Microsoft, microsoft patch tuesday august 2023, nikolas cemerikic, satnam narang, security tools, tenable, Time to Patch

Credit to Author: BrianKrebs| Date: Wed, 09 Aug 2023 02:22:57 +0000

Microsoft Corp. today issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including a patch that addresses multiple zero-day vulnerabilities currently being exploited in the wild.

ComputerWorld Independent

Has Microsoft cut security corners once too often?

August 7, 2023 0 Comments Microsoft, Security

Credit to Author: eschuman@thecontentfirm.com| Date: Mon, 07 Aug 2023 10:00:00 -0700

As Microsoft revealed tidbits of its post-mortem investigation into a Chinese attack against US government agencies via Microsoft, two details stand out: the company violated its own policy and did not store security keys within a Hardware Security Module (HSM) — and the keys were successfully used by attackers even though they had expired years earlier.

This is simply the latest example of Microsoft quietly cutting corners on cybersecurity and then only telling anyone when it gets caught.

To read this article in full, please click here

Independent Krebs Security

Teach a Man to Phish and He’s Set for Life

August 4, 2023 0 Comments A Little Sunshine, check point software, Latest Warnings, LinkedIn, Microsoft, Microsoft 365, phishing, right to left override, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Fri, 04 Aug 2023 13:49:15 +0000

One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirects on LinkedIn, or abusing an encoding method that makes it easy to disguise booby-trapped Microsoft Windows files as relatively harmless documents.

Security Sophos

S3 Ep144: When threat hunting goes down a rabbit hole

July 20, 2023 0 Comments Exploit, Microsoft, Naked Security Podcast, storm, Uncategorized, virus total, zero day, zimbra

Credit to Author: Paul Ducklin| Date: Thu, 20 Jul 2023 14:58:03 +0000

Latest episode – check it out now!

Security Sophos

Google Virus Total leaks list of spooky email addresses

July 18, 2023 0 Comments data leak, Google, Microsoft, virus total, VT

Credit to Author: Paul Ducklin| Date: Tue, 18 Jul 2023 23:16:29 +0000

Careful with that file, Eugene!

Security Sophos

Microsoft hit by Storm season – a tale of two semi-zero days

July 18, 2023 0 Comments 0 day, authentication, Cryptography, data loss, Microsoft, storm, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 18 Jul 2023 16:59:18 +0000

The first compromise didn’t get the crooks as far as they wanted, so they found a second one that did…

ComputerWorld Independent

Four zero-days make July 's Patch Tuesday a 'patch now' update

July 14, 2023 0 Comments Microsoft, Microsoft Office, Security, small and medium business, Windows

With this month’s Patch Tuesday update, Microsoft addressed 130 security vulnerabilities, published two advisories, and included four major CVE revisions. We also have four zero-days to manage for Windows (CVE-2023-32046, CVE-2023-32049, CVE-2023-36874 and CVE-2023-36884), bringing the Windows platform into a “patch now” schedule.

To read this article in full, please click here