Microsoft – Page 8 – PossibleThreat Articles

With one June Patch Tuesday update, Microsoft falls short

June 20, 2023 0 Comments Microsoft, Security, small and medium business, Windows

I’ve tracked Microsoft’s Windows patches for years and closely watched all of the changes the company has made. I remember when you had to install updates in a certain order — and watch for which one had to be installed first. I remember the arrival of automated patching using Software Update Services (later called Windows Server Update Services). I’ve seen how we went from a system where each vulnerability was patched individually to what we now have: cumulative patching.

The ideal patch is self-contained. Install, reboot, get back to your work. It causes no side effects. It protects the operating system. And you forget about it because it does what it’s supposed to do.

To read this article in full, please click here

ComputerWorld Independent

Recent Teams, Office outages were caused by cyberattacks: Microsoft

June 19, 2023 0 Comments cyberattacks, DDoS, Microsoft

Microsoft has confirmed that recent outages to its popular services, including Outlook, Teams, OneDrive, and cloud computing platform Azure, were caused by a DDoS attack by a threat actor that the company tracks as Storm-1359.

Also known as Anonymous Sudan, Storm-1359 was first detected in January, targeting organizations and government agencies with DDoS attacks and efforts to exfiltrate data. The threat actor was initially assumed to be a “hacktivist” group protesting a controversial outfit at the Melbourne Fashion Week but has since been linked to the Russian state, according to several media reports.

To read this article in full, please click here

ComputerWorld Independent

June's Patch Tuesday updates focus on Windows, Office

June 16, 2023 0 Comments Microsoft, Microsoft Office, Security, small and medium business, Windows

Microsoft released 73 updates to its Windows, Office, and Visual Studio platforms on Patch Tuesday, with many of them dealing with core, but not urgent, security vulnerabilities. That’s a welcome respite from the previous six months of urgent zero-days and public disclosures. With that in mind, the Readiness testing team suggests a focus on printing and backup/recovery processes to make sure they’re not affected by this update cycle.

For the first time, we see a (non-Adobe) third-party vendor added to a Patch Tuesday release, with three minor plugin updates to Visual Studio for AutoDesk. Expect to see more such vendors added to Microsoft’s updates in the near future. The team at Readiness has created a useful infographic that outlines the risks associated with each of the updates.

To read this article in full, please click here

Security Sophos

S3 Ep139: Are password rules like running through rain?

June 15, 2023 0 Comments bust, Cybercrime, Hacking, Law & order, malware, Microsoft, Naked Security Podcast, Podcast

Credit to Author: Paul Ducklin| Date: Thu, 15 Jun 2023 16:43:49 +0000

Latest episode – listen now! (Full transcript inside.)

MalwareBytes Security

Microsoft fixes six critical vulnerabilities in June Patch Tuesday

June 14, 2023 0 Comments cve-2023-24897, cve-2023-29357, cve-2023-29363, cve-2023-32013, cve-2023-32014, cve-2023-32015, cve-2023-32031, exchange, Exploits and vulnerabilities, Hyper-V, Microsoft, news, Patch Tuesday, pgm, sharepoint

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: patch Tuesday

Tags: CVE-2023-29357

Tags: CVE-2023-29363

Tags: CVE-2023-32014

Tags: CVE-2023-32015

Tags: CVE-2023-32013

Tags: CVE-2023-24897

Tags: CVE-2023-32031

Tags: SharePoint

Tags: PGM

Tags: Exchange

Tags: Hyper-V

Patch Tuesday of June 2023 is relatively relaxed. No actively exploited zero-days and only six critical vulnerabilities.

Security Sophos

Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office holes

June 13, 2023 0 Comments Microsoft, office, Patch Tuesday, sharepoint, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 13 Jun 2023 23:32:18 +0000

No zero-days this month, if you ignore the Edge RCE hole patched last week

Security Sophos

A smorgasbord for June’s Patch Tuesday

June 13, 2023 0 Comments Adobe, autodesk, cve-2023-29357, cve-2023-29363, cve-2023-32014, cve-2023-32015, cve-2023-33146, featured, fortinet, github, Microsoft, Patch Tuesday, threat research, Windows

Credit to Author: Angela Gunn| Date: Tue, 13 Jun 2023 21:05:13 +0000

Between its own fixes and a slew of FYI alerts covering Edge, GitHub, and Autodesk, Microsoft piles 94 CVEs onto sysadmins’ plates; Fortinet and Adobe also at the table

Security Sophos