Microsoft Support & Discussions
Free PC Help Forum Microsoft products support and discussions. If you need help with Microsoft Windows, Windows Server software, Microsoft 365, Microsoft Azure or any other Microsoft product, you can post here. If you want to discuss Microsoft and its line of products, you can do that here also.
84,928 topics in this forum
-
-
- FPCH Admin
- 0 replies
- 225 views
Microsoft’s deep understanding of human-operated ransomware attacks, which are powered by a thriving cybercrime gig economy, continuously informs the solutions we deliver to protect customers. Our expert monitoring of threat actors, investigations into real-world ransomware attacks, and the intelligence we gather from the trillions of signals that the Microsoft cloud processes every day provide a unique insight into these threats. For example, we track human-operated ransomware attacks not only as distinct ransomware payloads, but more importantly, as a series of malicious activities that culminate in the deployment of ransomware. Detecting and stopping ransomware attacks…
Last reply by AWS, -
-
Securing your IoT with Edge Secured-core devices
by Guest Christine Barrett
- 0 replies
- 0 views
A recent study conducted by Microsoft in partnership with Ponemon Institute included a survey of companies that have adopted IoT solutions and 65 percent of them mentioned that security is a top priority when implementing IoT. Attacks targeting IoT devices put businesses at risk. Impacted devices can be bricked, held for ransom, employed as launch points for further network attacks, or used for malicious purposes. Among many consequences, we often see intellectual property (IP) and data theft and compromised regulatory status, all of which can have brand and financial implications on the business. Subsequently, we did a survey to understand the top concerns around the…
-
How one Microsoft software engineer works to improve access management
by Guest Christine Barrett
- 0 replies
- 1 view
There’s still a perception that the most successful computer scientists learn programming at a young age, study engineering at a top school, and then get a software development job right out of college. While that’s how many people enter the field, it’s not the only path. Microsoft Software Engineer Rebecca Nzioki is living proof. She started out studying business but switched disciplines because she found IT more interesting. She decided to switch disciplines again after she started working and discovered a passion for solving customer problems. She then dedicated herself to learning how to code so she could find permanent fixes to issues that were frustrating the custom…
-
Making the world a safer place with Microsoft Defender for individuals
by Guest Christine Barrett
- 0 replies
- 0 views
Today’s sophisticated cyber threats require a modern approach to security. And this doesn’t apply only to enterprises or government entities—in recent years we’ve seen attacks increase exponentially against individuals. There are 921 password attacks every second.1 We’ve seen ransomware threats extending beyond their usual targets to go after small businesses and families. And we know, as bad actors become more and more sophisticated, we need to increase our personal defenses as well. That is why it is so important for us to protect your entire digital life, whether you are at home or work—threats don’t end when you walk out of the office or close your work laptop for …
-
Why strong security solutions are critical to privacy protection
by Guest Emma Jones
- 0 replies
- 0 views
The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Voice of the Community blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Ann Cavoukian, Ph.D., Founder and Chief Executive Officer (CEO) of Global Privacy & Security by Design, former three-term Information and Privacy Commissioner for Ontario, Canada, and author of “Privacy by Design: The 7 Foundational Principles.” The thoughts below reflect Ann’s views, not the views of her employer or Microsoft, and are not legal advice. In this blog post, Ann shares insights…
-
-
- FPCH Admin
- 0 replies
- 276 views
The BlackCat ransomware, also known as ALPHV, is a prevalent threat and a prime example of the growing ransomware-as-a-service (RaaS) gig economy. It’s noteworthy due to its unconventional programming language (Rust), multiple target devices and possible entry points, and affiliation with prolific threat activity groups. While BlackCat’s arrival and execution vary based on the actors deploying it, the outcome is the same—target data is encrypted, exfiltrated, and used for “double extortion,” where attackers threaten to release the stolen data to the public if the ransom isn’t paid. First observed in November 2021, BlackCat initially made headlines because it was one of…
Last reply by AWS, -
-
5 ways to connect with Microsoft Security at Identiverse 2022
by Guest Christine Barrett
- 0 replies
- 0 views
Identiverse is where the industry gathers to discuss all things identity. The 2022 conference will take place June 21 to 24 in Denver, Colorado, and I’m absolutely thrilled that Microsoft will be there. At Identiverse, we’ll share how we help customers secure access in a hybrid, multicloud, and decentralized world—everyone needs a digital identity they own. Identity is the center of digital transformation and we always learn a ton from the experiences and ideas our partners, customers, and even competitors share. I’m eager to connect with our amazing partners and chat with new folks interested in identity and security. Here are five ways you can connect with us while ther…
-
- 0 replies
- 766 views
Malware that steals your passwords, credit cards, and crypto wallets is being promoted through search results for a pirated copy of the CCleaner Pro Windows optimization program. This new malware distribution campaign is dubbed “FakeCrack,” and was discovered by analysts at Avast, who report detecting an average of 10,000 infection attempts every day from its customer telemetry data. Most of these victims are based in France, Brazil, Indonesia, and India. The malware distributed in this campaign is a powerful information stealer that can harvest personal data and cryptocurrency assets and route internet traffic through data-snatching proxies. A Black Hat SEO ca…
Last reply by starbuck, -
Preview app and driver compatibility insights in Endpoint Manager
by Guest Heena Macwan
- 0 replies
- 0 views
Today, we're excited to announce that we're making two new reports available in public preview for eligible Microsoft Endpoint Manager customers: Windows feature update device readiness report - Select a target version of Windows that you plan to deploy and provides a device-by-device view of any compatibility risks that may be encountered during or after the feature update or upgrade. Windows feature update compatibility risks report - Find a summary of the top compatibility risks across your organization so that you can prioritize which risks to address first. As organizations plan to upgrade to Windows 11, we’re committed to ensuring that applications and dri…
-
-
- FPCH Admin
- 0 replies
- 248 views
The Customer Experience Engineering team at Microsoft is pleased to announce that the Windows Customer Connection Program (WCCP) is expanding. Are you an IT professional who wants to help Windows engineers build the right products and services, the right way, as fast as possible? Opt-in today at aka.ms/JoinWCCP. Windows Customer Connection Program members have access to exclusive virtual calls, focus groups, surveys, Teams discussions, and private previews. Engage directly with the engineering teams that build the features and products you use daily, as well as those that are yet to be released. What is the WCCP? The Windows Customer Connection Program provides…
Last reply by AWS, -
-
Announcing 2022 Microsoft Security Excellence Awards winners
by Guest Emma Jones
- 0 replies
- 0 views
Spirits soared at the Microsoft Security Excellence Awards on June 5, 2022. And is it any wonder? The celebration marked the first time that Microsoft executives and Microsoft Intelligent Security Association (MISA) members had gathered in person in more than two years so it was a special night for many reasons! Formerly known as the Microsoft Security 20/20 Awards, the Microsoft Security Excellence Awards recognizes MISA member success across security during the past 12 months. MISA is a coalition of Microsoft leaders and subject matter experts, independent software vendors (ISVs), and managed security service providers (MSSPs) working together to defend against incre…
-
Exposing POLONIUM activity and infrastructure targeting Israeli organizations
by Guest Microsoft 365 Defender Threat Intelligence Team
- 0 replies
- 0 views
Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM. The associated indicators and tactics were used by the OneDrive team to improve detection of attack activity and disable offending actor accounts. To further address this abuse, Microsoft has suspended more than 20 malicious OneDrive applications created by POLONIUM actors, notified affected organizations, and deployed a series of security intelligence updates that will quarantine tools developed by POLONIUM operators. Our goal with this blog is to help deter future activit…
-
Microsoft collaborates with Tenable to support federal cybersecurity efforts
by Guest Christine Barrett
- 0 replies
- 0 views
On May 12, 2021, the White House issued Presidential Executive Order (EO) 14028 to establish cybersecurity as a national priority.1 As part of this effort, the White House has called for greater public and private sector collaboration to address the evolving threats facing federal agencies. In the spirit of the EO and as part of our commitment to enhancing cybersecurity across the United States, we today announce that Tenable has expanded its collaboration with the Microsoft Intelligent Security Association (MISA). Tenable is a pioneer in the risk management market and creator of Nessus, one of the most widely deployed vulnerability assessment solutions in the cybersec…
-
Using Python to unearth a goldmine of threat intelligence from leaked chat logs
by Guest Paul Oliveria
- 0 replies
- 0 views
Dealing with a great amount of data can be time consuming, thus using Python can be very powerful to help analysts sort information and extract the most relevant data for their investigation. The open-source tools library, MSTICPy, for example, is a Python tool dedicated to threat intelligence. It aims to help threat analysts acquire, enrich, analyze, and visualize data. This blog provides a workflow for deeper data analysis and visualization using Python, as well as for extraction and analysis of indicators of compromise (IOCs) using MSTICPy. Data sets from the February 2022 leak of data from the ransomware-as-a-service (RaaS) coordinated operation called “Conti” is u…
-
-
- FPCH Admin
- 0 replies
- 247 views
Windows Autopatch is now available for public preview! This post will take you through the steps to join the public preview and offer a quick primer to familiarize you with the service. What Is Windows Autopatch? Windows Autopatch is a new service that automates the process of managing and rolling out updates for Windows and Microsoft 365 apps. If you missed the announcement, beginning in early July 2022, this service will be generally available if you have a Windows Enterprise E3 license or greater. The takeaway if you're an IT admin? You can continue using the tools and processes you're accustomed to for managing and deploying updates—or you can take a hands-off…
Last reply by AWS, -
-
-
- FPCH Admin
- 0 replies
- 230 views
Today I'd like to offer some handy tips on the best ways to test updates for compatibility with your infrastructure, applications, and managed devices. In the Windows quality updates primer, I shared a brief overview of the what, why, and when for the different Windows quality updates we deliver to keep you protected and productive. With Windows 11, new features are generating rich conversation and feedback. Our monthly Windows optional updates are just one great way to test out previews of the updates and features that will officially be released on the next Update Tuesday. I'd like to share with you my personal bookmarked resources, which offer: Strategies and oppor…
Last reply by AWS, -
-
Streamlining employee onboarding: Microsoft’s response to the Great Reshuffle
by Guest Emma Jones
- 0 replies
- 0 views
In 2021, workers everywhere reevaluated their professional and personal choices, leading to what became known as the Great Resignation. In 2022, a new trend that many are calling the Great Reshuffle has emerged, with 43 percent of the workforce saying they’re very likely to consider changing jobs or exiting their industry altogether in the coming year.1 As our 2022 Work Trend Index, Great Expectations: Making Hybrid Work Work, revealed, employees have a new “worth it” equation and are voting with their feet.2 As a result, employees are onboarding and offboarding more frequently. The constant flow of tasks, starting with applying for a job and navigating the first few d…
-
-
- FPCH Admin
- 0 replies
- 235 views
What could the world achieve if we had trust in every digital experience and interaction? This question has inspired us to think differently about identity and access, and today, we’re announcing our expanded vision for how we will help provide secure access for our connected world. Microsoft Entra is our new product family that encompasses all of Microsoft’s identity and access capabilities. The Entra family includes Microsoft Azure Active Directory (Azure AD), as well as two new product categories: Cloud Infrastructure Entitlement Management (CIEM) and decentralized identity. The products in the Entra family will help provide secure access to everything for everyo…
Last reply by AWS, -
-
Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability
- 0 replies
- 0 views
On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows vulnerability. A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the …
-
-
- FPCH Admin
- 0 replies
- 0 views
UPDATE July 12, 2022: As part of the response by Microsoft, a defense in depth variant has been found and fixed in the Windows July cumulative updates. Microsoft recommends installing the July updates as soon as possible.

| Windows Version | Link to KB article | Link to Catalog |
| --- | --- | --- |
| Windows 8.1, Windows Server 2012 R2 | 5015805 | Download |
| Windows Server 2012 | 5015805 | Download |
| Windows 7, Windows Server 2008 R2 | 5015805 | Download |
| Windows Server 2008 SP2 | 5015805 | Download |

On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows vulnerability.
Last reply by Cloaked, -
-
Android apps with millions of downloads exposed to high-severity vulnerabilities
by Guest Katie McCafferty
- 0 replies
- 0 views
Microsoft uncovered high-severity vulnerabilities in a mobile framework owned by mce Systems and used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote (albeit complex) or local attacks. The vulnerabilities, which affected apps with millions of downloads, have been fixed by all involved parties. Coupled with the extensive system privileges that pre-installed apps have, these vulnerabilities could have been attack vectors for attackers to access system configuration and sensitive information. As it is with many of pre-installed or default applications that most Android devices come with these days, s…
-
- 0 replies
- 259 views
The privacy-focused DuckDuckGo browser purposely allows Microsoft trackers on third-party sites due to an agreement in their syndicated search content contract between the two companies. DuckDuckGo is a search engine that prides itself on its privacy by not tracking your searches or your behavior while performing searches. Furthermore, instead of building user profiles to display interest-based advertisements, DuckDuckGo will use contextual advertisements from partners, like Ads by Microsoft. While DuckDuckGo does not store any personal identifiers with your search queries, Microsoft advertising may track your IP address and other information when clicking on an ad …
Last reply by starbuck, -
Detecting and preventing privilege escalation attacks leveraging Kerberos relaying (KrbRelayUp)
by Guest Microsoft 365 Defender Threat Intelligence Team
- 0 replies
- 1 view
On April 24, 2022, a privilege escalation hacking tool, KrbRelayUp, was publicly disclosed on GitHub by security researcher Mor Davidovich. KrbRelayUp is a wrapper that can streamline the use of some features in Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker, and ADCSPwn tools in attacks. Although this attack won’t function for Azure Active Directory (Azure AD) joined devices, hybrid joined devices with on-premises domain controllers remain vulnerable. Microsoft Defender for Identity detects activity from the early stages of the attack chain by monitoring anomalous behavior as seen by the domain controller. In addition, signals from Defender for Identity al…
-
New Research Paper: Pre-hijacking Attacks on Web User Accounts
by Guest Andrew Paverd
- 0 replies
- 1 view
In 2020, MSRC awarded two Identity Project Research Grants to support external researchers working to further strengthen the security of identity protocols and systems. Today we are pleased to release the results of the first of these projects. This research, led by independent security researcher Avinash Sudhodanan, investigated account pre-hijacking – a new class of …
-
Anatomy of a DDoS amplification attack
by Guest Microsoft 365 Defender Threat Intelligence Team
- 0 replies
- 0 views
Amplification attacks are one of the most common distributed denial of service (DDoS) attack vectors. These attacks are typically categorized as flooding or volumetric attacks, where the attacker succeeds in generating more traffic than the target can process, resulting in exhausting its resources due to the amount of traffic it receives. In this blog, we start by surveying the anatomy and landscape of amplification attacks, while providing statistics from Azure on most common attack vectors, volumes, and distribution. We then describe some of the countermeasures taken in Azure to mitigate amplification attacks. DDoS amplification attacks, what are they? Ref…