Microsoft

Microsoft Teams goes down as Europe starts working from home

As millions of people across Europe choose to work remotely rather than head into the office in the wake of the Coronavirus pandemic, a widely-used communication and collaboration tool has gone down.

Smashing Security #169: Burglaries, breaches, and bidets

How one guy’s exercise routine made him a burglary suspect, how multi-factor authentication can cause headaches as well as stop hacks, and how Virgin Media got itself in a pickle over its sloppy data security.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Patch now! Microsoft releases fixes for 99 security flaws, some being actively exploited by hackers

It’s one of the largest Patch Tuesday updates ever issued by Microsoft, and includes fixes for 12 security vulnerabilities that have been given the highest severity rating of “critical.”

The clock is ticking. IT teams should waste no time in readying themselves for a roll-out across the Windows computers for which they’re responsible.

bitdefender.com

$20,000 up for grabs in Xbox Live security hole hunt

Microsoft is inviting gamers, security researchers, and technologists to pit their wits against the Xbox network in the search for security vulnerabilities.

Read more in my article on the Hot for Security blog.

Windows 7 definitely won’t ever receive any more bug fixes (errm… apart from this one for its wallpaper)

We definitely definitely absolutely won’t ever ever be releasing any more updates for Windows 7, said Microsoft earlier this month.

Now there’s an update on its way to fix a cosmetic bug in how Windows 7 displays users’ desktop wallpaper…

Microsoft’s Internet Explorer zero-day workaround is breaking printing

Microsoft’s workaround for an unpatched vulnerability that is being exploited in targeted attacks by hackers appears to be causing printer errors.

Microsoft data breach exposes 250 million customer service and support records

Red faces at Microsoft after a security researcher discovered an internal customer support database had been left exposed for anyone on the internet to access – no password required.

Microsoft issues Internet Explorer zero-day warning, but there’s no patch yet

Microsoft has warned Windows users that there is an unpatched zero-day vulnerability in Internet Explorer that is being exploited in targeted attacks.

Critical Windows 10 security fix pushed out after NSA warns Microsoft of spying vulnerability

Hundreds of millions of Windows 10 users are having an important patch rolled out to their computers today after Microsoft was warned by the NSA of a serious security hole in the operating system.

27% of Windows users are still running Windows 7. They need to stop now

At 11am PST (7pm UK), Microsoft will release its last ever Patch Tuesday updates for Windows 7. After today, Microsoft says it won’t release any more security patches for the ageing operating system.

Smashing Security #160: SNAFUs! MS Word, Amazon Ring, and TikTok

We discuss how Microsoft Word helped trap a multi-million dollar fraudster, how Amazon Ring may be recording more than you’re comfortable with, and how teens are flocking to TikTok (and why that might be a problem).

All this and much more is covered in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

tripwire.com

BlueKeep: What you need to know

Currently BlueKeep attacks have been causing computers to crash, and drawing attention to themselves.

But that may be about to change…

Read more in my article on the Tripwire State of Security blog.

bitdefender.com

Mac users warned that disabling all Office macros doesn’t actually disable all Office macros

It’s been almost 25 years since macro malware first reared its head, and it would be nice to think that the defences Microsoft has built into its Office suite in the years since would do a half-decent job of stemming the threat.

Unfortunately, it seems that’s not the case – at least not for users of the Mac version of Microsoft Office.

Read more in my article on the Hot for Security blog.

After months of worry, BlueKeep vulnerability is now being exploited in mass-hacking campaign

The BlueKeep vulnerability, discovered by the UK’s NCSC, is being exploited at scale in an attempt to install a cryptocurrency miner on unpatched Windows PCs.

bitdefender.com

Microsoft warns of wormable vulnerabilities in Windows

Microsoft’s security team warns that the remote code execution vulnerabilities could be abused by malware to spread from computer to computer without requiring any user interaction. Patch your systems now!

Read more in my article on the Hot for Security blog.

Smashing Security #136: Oops, we created Iran’s hacking exploit

Mac users of the Zoom video conferencing app are warned their webcams could be hijacked, security firms warn of how scammers are deepfaking audio to steal from businesses, and our guest owns up to the role he played in an Iranian cyberattack against US organisations.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Charl van der Walt.