security policies

Feeling nostalgic for those halcyon days when logging into your enterprise apps felt optional? Well, savor the memory—Microsoft just flipped the script. In its ongoing tug-of-war with shadowy cyber villains, the tech giant has unleashed the “Reauthentication Every Time Policy” for Entra ID, an...

Let’s set the scene: you’re sitting at your desk, sipping a lukewarm cup of coffee, blissfully unaware that the foundation of your computer’s safety net is about to get a surprise patch—actually, scratch that—a surprise removal. Cue the dramatic music. Microsoft, in its eternal quest for both...

When it comes to the Byzantine world of Office security settings, no feature brings sysadmins and IT pros to their knees quite like the saga of ActiveX controls. If you’ve ever had the “pleasure” of untangling why two employees, with identical systems, wind up on opposite ends of the ActiveX...

The End of an Era: Microsoft Entra ID’s Move Away from Service Principal-Less Authentication In a rapidly evolving digital landscape, Microsoft’s approach to identity and access management has been a compass for the industry. With the news that Microsoft Entra ID will officially retire service...

Microsoft Tightens Security by Blocking ActiveX in Office Apps by Default Microsoft has taken a decisive step to enhance the security of its Office suite on Windows by making it considerably harder to enable ActiveX controls. This move targets the Windows versions of popular productivity...

Introduction Microsoft Defender for Endpoint is receiving a significant upgrade that aims to tighten security defenses by automatically blocking unwanted traffic from undiscovered endpoints. This innovative feature is designed to stem malicious lateral movement within network environments...

Microsoft’s latest security maneuver has the IT world buzzing as it targets one of the more under-the-radar authentication methods in Microsoft Teams devices. The company is rolling out a new managed policy designed to curb the risks associated with Device Code Flow (DCF) authentication—a method...

Hello, I hope someone can help with this issue. I have a requirement to configure file system logging on my windows file server and I have setup the security policy to track file system object access but I am not getting Event ID 4663 (An attempt was made to access an object). These are the...

I have setup Windows Server 2022 on a workgroup (we don't need a domain). I have initiated all the correct Services for Network Discovery, ebaled the Firewall apps and activated Network Discovery. The problem is though the Server can see itself and the Network Printer, it cannot see or connect...

Hi , I have created a scheduled task using an account with admin privilege in 2019 server and task is running fine. But just noticed that other non -admin domain users are not able to see the task in task library. I have tried below options , but no luck . Please let me know if anyone have a...

So i cant turn on the optimized downloads, because "some of these settings are hidden or managed by your organization" but, i dont have any school, or work accounts linked. Does anyone know how to fix this? Here is an image:

Original release date: December 1, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK®) framework. See the <a href="Techniques - Enterprise | MITRE ATT&CK®">ATT&amp;CK for...

Original release date: May 5, 2020 Summary This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA and NCSC continue to see indications that...

Hi all, What is the best way to do port forwarding under windows? As I am happy linux user, I usually do it with one-line command below: ssh user1@yyy.yyy.yyy.yyy -L 3432:nnn.nnn.nnn.nnn:5432 Next I can just use 127.0.0.1:3432 like it's on my local machine. The thing is that I will have to...

We have been on a journey to eliminate passwords. Today, we are delighted to announce an important milestone. Microsoft has been aligned with the Fast Identity Online (FIDO) working group from the start, the alliance represents 250 organizations from various industries on a joint mission to...

Hi, New here but not new to Windows. I have a software requirement that I am surprised I can't seem to find an answer for. I have written a Windows Service. I have created an installer for this service. This installer (when run as Administrator) creates a new user, provides the user with...

Original release date: March 27, 2018 Systems Affected Networked systems Overview According to information derived from FBI investigations, malicious cyber actors are increasingly using a style of brute force attack known as password spraying against organizations in the United States and...

We are happy to introduce support for Content Security Policy Level 2 (CSP2) in Microsoft Edge, another step in our ongoing commitment to make Microsoft Edge the safest and most secure browser for our customers. CSP2, when used correctly, is an effective defense-in-depth mechanism against cross...

I am an IT person. I create images for an organization. I get a base image from our organization, tailor it for our specific needs and create the new image. We are using Windows 7 Enterprise but are not using a domain controller (No AD). The problem is someone at a high level recently...

Original release date: November 13, 2013 | Last revised: November 16, 2013 Systems Affected Windows Operating System and Components Microsoft Office Internet Explorer Overview Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address...