Jump to content

Microsoft Support & Discussions

Free PC Help Forum microsoft products support and discussions. If you need help with Microsoft Windows, Windows Server software, Microsoft 365, Microsoft Azure or any other Microsoft product you can post here. If you want to discuss Microsoft and their line of products you can do that here also. 

82,445 topics in this forum

  1. Guest Todd VanderArk

    Patching as a social responsibility

    by Guest Todd VanderArk
    • 0 replies
    • 0 views

    In the wake of the devastating (Not)Petya attack, Microsoft set out to understand why some customers weren’t applying cybersecurity hygiene, such as security patches, which would have helped mitigate this threat. We were particularly concerned with why patches hadn’t been applied, as they had been available for months and had already been used in the WannaCrypt worm—which clearly established a ”real and present danger.” We learned a lot from this journey, including how important it is to build clearer industry guidance and standards on enterprise patch management. To help make it easier for organizations to plan, implement, and improve an enterprise patch management st…

    Guest
    Last reply by Guest,
  2. Guest Todd VanderArk

    How to avoid getting caught in a “Groundhog Day” loop of security issues

    by Guest Todd VanderArk
    • 0 replies
    • 0 views

    It’s Cyber Security Awareness Month and it made me think about one of my favorite movies, called Groundhog Day. Have you ever seen it? Bill Murray is the cynical weatherman, Phil Connors, who gets stuck in an endless loop where he repeats the same day over and over again until he “participates in his own rescue” by becoming a better person. Sometimes it can feel like we’re caught in our own repetitious loops in cybersecurity—I even did a on this very topic a few years ago. The good news is that we can get out of the loop. By learning lessons from the past and bringing them forward and applying them to today’s technologies, outcomes can be changed—with “change” being…

    Guest
    Last reply by Guest,
  3. Guest Eric Avena

    In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

    by Guest Eric Avena
    • 0 replies
    • 0 views

    Our experience in detecting and blocking threats on millions of endpoints tells us that attackers will stop at nothing to circumvent protections. Even one gap in security can be disastrous to an organization. At Microsoft, we don’t stop finding new ways to fill in gaps in security. We go beyond strengthening existing defenses by introducing new and innovative layers of protection. While our industry-leading endpoint protection platform stops most threats before they can even run, we continue improving protections for instances where sophisticated adversarial attacks manage to slip through. Multiple layers of protection mean multiple hurdles that attackers need to ov…

    Guest
    Last reply by Guest,
  4. Guest Todd VanderArk

    CISO series: Lessons learned from the Microsoft SOC—Part 3a: Choosing SOC tools

    by Guest Todd VanderArk
    • 0 replies
    • 0 views

    The Lessons learned from the Microsoft SOC blog series is designed to share our approach and experience with security operations center (SOC) operations. Our learnings in the series come primarily from Microsoft’s corporate IT security operation team, one of several specialized teams in the Microsoft Cyber Defense Operations Center (CDOC). Over the course of the series, we’ve discussed how we operate our SOC at Microsoft. In the last two posts, Part 2a, Organizing people, and Part 2b: Career paths and readiness, we discussed how to support our most valuable resources—people—based on successful job performance. We’ve also included lessons learned from the Microsoft D…

    Guest
    Last reply by Guest,
  5. Guest Todd VanderArk

    Your password doesn’t matter—but MFA does!

    by Guest Todd VanderArk
    • 0 replies
    • 0 views

    Your pa$$word doesn’t matter—Multi-Factor Authentication (MFA) is the best step you can take to protect your accounts. Using anything beyond passwords significantly increases the costs for attackers, which is why the rate of compromise of accounts using any MFA is less than 0.1 percent of the general population. All authenticators are vulnerable There is a broad range of mechanisms to break authenticators. That doesn’t make all authenticators equally vulnerable. Costs vary massively by attack type, and attacks that preserve anonymity and don’t require proximity to the target are much easier to achieve. Channel-Jacking and Real-Time Phishing are the most dominant w…

    Guest
    Last reply by Guest,
  6. Guest Eric Avena

    Forrester names Microsoft a Leader in 2019 Endpoint Security Suites Wave

    by Guest Eric Avena
    • 0 replies
    • 0 views

    As we continue as a company to empower every person on the planet to achieve more, we keep delivering on our mission through products that achieve the highest recognition in the industry. For the last several years we’ve been working hard to provide the leading endpoint security product in the market. Today, we are proud to announce that Microsoft is positioned as a leader in The Forrester Wave: Endpoint Security Suites, Q3 2019, receiving among the second highest scores in both the strategy and market presence categories. According to Forrester, “Microsoft has a compelling vision for the future where endpoint threat prevention and detection are completely integrated a…

    Guest
    Last reply by Guest,
  7. Guest Todd VanderArk

    Rethinking how we learn security

    by Guest Todd VanderArk
    • 0 replies
    • 0 views

    A couple of years ago, I wrote an article on the relative lack of investor and startup interest in addressing a crucial CISO priority—the preparedness of employees on the security team. Considering what seems to be a steady stream of news about breaches, what can be done to encourage more people to get into cybersecurity and how we can better prepare cyber pros to succeed? In my own experience, I’ve read white papers and manuals, taken bootcamps and practice tests, and slogged through hours of recorded content. It’s a lot to process, and mostly dependent on the quality of the instructor or delivery format. In this evolving threat environment, content is also outdated a…

    Guest
    Last reply by Guest,
  8. Guest Todd VanderArk

    TLS version enforcement capabilities now available per certificate binding on Windows Server 2019

    by Guest Todd VanderArk
    • 0 replies
    • 0 views

    At Microsoft, we often develop new security features to meet the specific needs of our own products and online services. This is a story about how we solved a very important problem and are sharing the solution with customers. As engineers worldwide work to eliminate their own dependencies on TLS 1.0, they run into the complex challenge of balancing their own security needs with the migration readiness of their customers. Microsoft faced this as well. To date, we’ve helped customers address these issues by adding TLS 1.2 support to older operating systems, by shipping new logging formats in IIS for detecting weak TLS usage by clients, as well as providing the latest te…

    Guest
    Last reply by Guest,
  9. Guest Eric Avena

    Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware

    by Guest Eric Avena
    • 0 replies
    • 0 views

    We’ve discussed the challenges that fileless threats pose in security, and how Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) employs advanced strategies to defeat these sophisticated threats. Part of the slyness of fileless malware is their use of living-off-the-land techniques, which refer to the abuse of legitimate tools, also called living-off-the-land binaries (LOLBins), that already exist on machines through which malware can persist, move laterally, or serve other purposes. But what happens when attackers require functionality beyond what’s provided by standard LOLBins? A new malware campaign we dubbed Nodersok decided to bring its own LO…

    Guest
    Last reply by Guest,
  10. Guest Todd VanderArk

    How to prevent phishing attacks that target your customers with DMARC and Office 365

    by Guest Todd VanderArk
    • 0 replies
    • 0 views

    You already know that email is the number one attack vector for cybercriminals. But what you might not know is that without a standard email security protocol called Domain Message Authentication, Reporting, and Conformance (DMARC), your organization is open to the phishing attacks that target your customers, crater your email deliverability rates, and crush your email-based revenue streams. For all the utility of email, which remains the ultimate app for business collaboration and communication, it does have a serious flaw: the ability for a bad actor to pretend to be someone else in an email message. This can be done through one of two attack techniques, spoofing and…

    Guest
    Last reply by Guest,
  11. Guest MSRC Team

    Designing a COM library for Rust

    by Guest MSRC Team
    • 0 replies
    • 0 views

    I interned with Microsoft as a Software Engineering Intern in the MSRC UK team in Cheltenham this past summer. I worked in the Safe Systems Programming Language (SSPL) group, which explores safe programming languages as a proactive measure against memory-safety related vulnerabilities. This blog post describes the project that I have been working on under … Designing a COM library for Rust Read More » The post Designing a COM library for Rust appeared first on Microsoft Security Response Center. Continue reading...

    Guest
    Last reply by Guest,
  12. Guest MSRC Team

    October 2019 security updates are available!

    by Guest MSRC Team
    • 0 replies
    • 0 views

    We have released the October security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of … October 2019 security updates are available! Read More » The post October 2019 security updates are available! appeared first on Microsoft Security Response Center. Continue reading...

    Guest
    Last reply by Guest,
  13. Cloaked

    October 2019 security updates are available!

    by Cloaked
      • FPCH Admin
    • 0 replies
    • 0 views

    We have released the October security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of extended support and no longer receiving updates as of January 14, 2020.

    Cloaked
    Last reply by Cloaked,
  14. Cloaked

    Designing a COM library for Rust

    by Cloaked
      • FPCH Admin
    • 0 replies
    • 1 view

    I interned with Microsoft as a Software Engineering Intern in the MSRC UK team in Cheltenham this past summer. I worked in the Safe Systems Programming Language (SSPL) group, which explores safe programming languages as a proactive measure against memory-safety related vulnerabilities. This blog post describes the project that I have been working on under the mentorship of the SSPL team.

    Cloaked
    Last reply by Cloaked,
  15. Guest Microsoft Windows Server Team

    Windows Server 2019 adds support for Office 365 ProPlus

    by Guest Microsoft Windows Server Team
    • 0 replies
    • 0 views

    Today were introducing Office 365 ProPlus support for Windows Server 2019 customers with on-premises and Azure deployments. Weve also enabled customers to immediately download and leverage FSLogix functionality, including the Office 365 Container, to enhance the speed and performance around user profile data in non-persistent virtualized environments. This continues our commitment to enhance the Office experience in local and virtualized environments and improves the end user experience in non-persistent virtualized environments. Our priority is to continue to deliver a great Office experience in on-premises virtualized environments; we have updated our Office 365 supp…

    Guest
    Last reply by Guest,
  16. Guest Microsoft Windows Server Team

    Windows Admin Center unleashes Server Core adoption

    by Guest Microsoft Windows Server Team
    • 0 replies
    • 0 views

    Since the general availability of Windows Server 2019, we have seen the fastest adoption rate of Windows Server Core in history. If you havent heard of Windows Server Core, then youre really missing out! Windows Server Core is the lightest deployment option of Windows Server Standard or Windows Server Datacenter editions. Why are customers choosing to deploy Windows Server Core now? Its Windows Admin Center. This new server management tool delivers many of the benefits of the Desktop Experience and is a free download that comes with your Windows Server license. Admins love the intuitive, graphical user interface and the ability to manage your virtual machines from any …

    Guest
    Last reply by Guest,
  17. Guest jsecteam

    [AD管理者向け] 2020 年 LDAP 署名と LDAP チャネルバインディングが有効化。確認を!

    by Guest jsecteam
    • 0 replies
    • 0 views

    マイクロソフトでは、2020 年初頭に、Active Directory ドメイン環境内の LDAP 通信の安全性を向上するために、LDAP 署名、およびLDAP チャネルバインディング (LDAPS 利用時)を既定で有効化します。 The post [AD管理者向け] 2020 年 LDAP 署名と LDAP チャネルバインディングが有効化。確認を! appeared first on Microsoft Security Response Center. Continue reading...

    Guest
    Last reply by Guest,
  18. Guest MSRC Team

    Building the Azure IoT Edge Security Daemon in Rust

    by Guest MSRC Team
    • 0 replies
    • 0 views

    Azure IoT Edge is an open source, cross platform software project from the Azure IoT team at Microsoft that seeks to solve the problem of managing distribution of compute to the edge of your on-premise network from the cloud. This post explains some of the rationale behind our choice of Rust as the implementation programming … Building the Azure IoT Edge Security Daemon in Rust Read More » The post Building the Azure IoT Edge Security Daemon in Rust appeared first on Microsoft Security Response Center. Continue reading...

    Guest
    Last reply by Guest,
  19. Cloaked

    Building the Azure IoT Edge Security Daemon in Rust

    by Cloaked
      • FPCH Admin
    • 0 replies
    • 1 view

    Azure IoT Edge is an open source, cross platform software project from the Azure IoT team at Microsoft that seeks to solve the problem of managing distribution of compute to the edge of your on-premise network from the cloud. This post explains some of the rationale behind our choice of Rust as the implementation programming language for the Security Daemon component in the product.

    Cloaked
    Last reply by Cloaked,
  20. Guest MSRC Team

    MSRC is going to ROOTCON!

    by Guest MSRC Team
    • 0 replies
    • 0 views

    The Microsoft Security Response Center (MSRC) works with partners all over the world to protect Microsoft customers. This week we’re headed to the Philippines to meet security researchers and bounty hunters at ROOTCON 13! Planning on attending ROOTCON? If you want to learn more about how you can earn rewards for reporting vulnerabilities to Microsoft … MSRC is going to ROOTCON! Read More » The post MSRC is going to ROOTCON! appeared first on Microsoft Security Response Center. Continue reading...

    Guest
    Last reply by Guest,
  21. Cloaked

    MSRC is going to ROOTCON!

    by Cloaked
      • FPCH Admin
    • 0 replies
    • 1 view

    The Microsoft Security Response Center (MSRC) works with partners all over the world to protect Microsoft customers. This week we’re headed to the Philippines to meet security researchers and bounty hunters at ROOTCON 13! Planning on attending ROOTCON? If you want to learn more about how you can earn rewards for reporting vulnerabilities to Microsoft bounty programs, you have two ways to connect with us there:

    Cloaked
    Last reply by Cloaked,
  22. Guest MSRC Team

    Meet the BlueHat Content Advisory Board

    by Guest MSRC Team
    • 0 replies
    • 0 views

    We couldn’t do BlueHat without the Content Advisory Board, the brain trust reviewing submissions to the CFP. Representing both Microsoft and other parts of security community, the CAB applies their industry and speaker experience to create the BlueHat agenda that’s the right mix of topics and perspectives. We really appreciate the time these people take … Meet the BlueHat Content Advisory Board Read More » The post Meet the BlueHat Content Advisory Board appeared first on Microsoft Security Response Center. Continue reading...

    Guest
    Last reply by Guest,
  23. Cloaked

    Meet the BlueHat Content Advisory Board

    by Cloaked
      • FPCH Admin
    • 0 replies
    • 1 view

    We couldn’t do BlueHat without the Content Advisory Board, the brain trust reviewing submissions to the CFP. Representing both Microsoft and other parts of security community, the CAB applies their industry and speaker experience to create the BlueHat agenda that’s the right mix of topics and perspectives. We really appreciate the time these people take to review every submission and find the right talks.

    Cloaked
    Last reply by Cloaked,
  24. Guest MSRC Team

    Calling all breakers & builders: BlueHat Seattle registration is open!

    by Guest MSRC Team
    • 0 replies
    • 0 views

    Exciting changes are coming to BlueHat Seattle 2019! If you’d like to attend this premier security conference, we have good news for you: registration for BlueHat Seattle is now open and we hope you register. Wait, isn’t BlueHat invitation-only? It is…but if we haven’t sent you an invitation, we encourage you to request a seat. Visit our registration site and tell us a little bit about yourself. We’re reviewing all application requests and will send a confirmation if you are selected. The BlueHat conference team is creating an engaging two-day agenda to provide a … Calling all breakers & builders: BlueHat Seattle registration is open! Read More » The post C…

    Guest
    Last reply by Guest,
  25. Cloaked

    Calling all breakers & builders: BlueHat Seattle registration is open!

    by Cloaked
      • FPCH Admin
    • 0 replies
    • 1 view

    @TODO: Exciting changes are coming to BlueHat Seattle 2019! If you’d like to attend this premier security conference, we have good news for you: registration for BlueHat Seattle is now open and we hope you register. Wait, isn’t BlueHat invitation-only? It is…but if we haven’t sent you an invitation, we encourage you to request a seat.

    Cloaked
    Last reply by Cloaked,
×
×
  • Create New...