user protection

  1. Beware of Microsoft Sextortion Scams: Protect Yourself from Cyber Threats

    In an unsettling development for Windows users everywhere, Microsoft has found itself embroiled in yet another cybersecurity crisis. This recent episode centers around a sextortion scam that utilizes the company’s own infrastructure, with scammers deploying emails that appear to originate from...
  2. Microsoft to Enable BitLocker by Default in Upcoming Windows 11 Update

    In a significant move to enhance data security, Microsoft has announced that it will automatically enable BitLocker device encryption on all Windows 11 computers starting with the upcoming 24H2 update, set for release in late September 2024. This new policy reflects a growing emphasis on...
  3. Office 365 security researchers: Double your bounties March-May 2017

    Microsoft strives to protect our customers and we’re constantly improving our security posture to meet their needs. We realize the desire of researchers and customers to security test our services to ensure they can trust us and our solutions. We also believe that if a researcher informs us of a...
  4. Introducing support for Content Security Policy Level 2

    We are happy to introduce support for Content Security Policy Level 2 (CSP2) in Microsoft Edge, another step in our ongoing commitment to make Microsoft Edge the safest and most secure browser for our customers. CSP2, when used correctly, is an effective defense-in-depth mechanism against cross...
  5. Isolated User Mode in Windows 10 with Dave Probert

    This was seriously a treat for me. I had the privilege of spending time with the venerable Dave Probert who has been working on the Windows kernel for a long time. We discussed an interesting security issue which had up to this point never occurred to me - how do we protect ourselves from kernel...
  6. 3057154 - Update to Harden Use of DES Encryption - Version: 1.0

    Revision Note: V1.0 (July 14, 2015): Summary: Microsoft is announcing the availability of an update to harden scenarios in which Data Encryption Standard (DES) encryption keys are used with accounts. Microsoft disabled DES by default starting in Windows 7 and Windows Server 2008 R2. However...
  7. Internet Explorer Updates

    Microsoft has released a Security Update to address a vulnerability in Internet Explorer 7, 8 and 9 on Windows XP, Vista and 7 Microsoft Security Advisory: Vulnerability in Internet Explorer could allow remote code execution Microsoft Security Advisory (2757760): Vulnerability in Internet...
  8. Security Advisory 2743314 released

    Today, we published Security Advisory 2743314, which provides guidance that will help protect customers from a technique that could allow a man-in-the middle attack to obtain a user’s domain credentials when VPN is configured to use PPTP and MSCHAPv2. Customers concerned with this...
  9. MS12-022 - Important : Vulnerability in Expression Design Could Allow Remote Code Execution (2651018

    Severity Rating: Important Revision Note: V1.1 (March 14, 2012): Removed erroneous installation switch option descriptions from the Security Update Deployment tables for all supported releases. This is an informational change only. There were no changes to the detection logic or the...
  10. More on Microsoft’s response to the DigiNotar compromise

    Microsoft’s investigation into the scope and impact of the DigiNotar compromise has continued over the holiday weekend. We’ve now confirmed that spoofed certificates for *.microsoft.com and *.windowsupdate.com are among those issued by the Dutch firm. Users of Vista and later...
  11. MS11-069 - Moderate: Vulnerability in .NET Framework Could Allow Information Disclosure (2567951) -

    Severity Rating: Moderate - Revision Note: V1.0 (August 9, 2011): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft .NET Framework. The vulnerability could allow information disclosure if a user views a specially crafted Web page using a...
  12. Hotmail and Yahoo users also victims of targeted attacks

    IDG News Service - Web mail users at Yahoo and Hotmail have been hit with the same kind of targeted attacks that were disclosed earlier this week by Google, according to security software vendor Trend Micro. Trend Micro described two similar attacks against Yahoo Mail and Windows Live Hotmail...
  13. Windows 7 How Internet Explorer 9 caused a seismic shift in the way people use the web

    How Internet Explorer 9 caused a seismic shift in the way people use the web Link Removed - Invalid URL IE9 is surely a seismic shift in the way people use the web and is far better than its previous versions. Its safety and security features can be gauged from the fact that the...
  14. Microsoft Releases Security Advisory 2524375

    Hello - Today we're releasing Link Removed due to 404 Error, to address nine fraudulent digital certificates issued by Comodo Group Inc, a root certificate authority. Comodo has since revoked the digital certificates. This is not a Microsoft security vulnerability; however, one of the...
  15. More about the Office File Validation backport plan

    In November 2010, Microsoft released the first Security Bulletin (Link Removed due to 404 Error) against an Office 2010 component, in this case Microsoft Word. Approximately 6 months had elapsed since Office 2010 launched in May and while it's good for such a widely used product to be available...
  16. C

    Microsoft warns of 64-bit Windows 7 hole

    Sorry this is from back on March 19, 2010, but I stumbled across it and thought it was worth posting. Microsoft is working on a patch to fix a hole in a 64-bit Windows 7 graphics display component that could be exploited to crash the system or potentially take control of the computer by...
  17. Windows 7 Prevx to Protect One Million UK Users from Fraud

    Security vendor Prevx has signed an Link Removed with CPP, a large life assistance provider, to incorporate the Prevx 3.0.5 software, complete with the new SafeOnline technology, into its identity protection product. As a result, around one million UK residents who signed up for CPP's Identity...
  18. 10 Reasons Why Windows Security Is Better Than Ever

    10 Reasons Why Windows Security Is Better Than Ever Although some folks like to rail against Microsoft and the state of Windows security, the company's operating system is arguably more secure than it ever has been. That's in no small part due to the many new features that make Windows 7 a...