Microsoft Support & Discussions
Free PC Help Forum microsoft products support and discussions. If you need help with Microsoft Windows, Windows Server software, Microsoft 365, Microsoft Azure or any other Microsoft product you can post here. If you want to discuss Microsoft and their line of products you can do that here also.
84,928 topics in this forum
-
-
- FPCH Admin
- 0 replies
- 232 views
Today’s threat actors don’t see barriers, they see opportunities. As the old firewalls protecting the corporate network become obsolete amid the rush to adopt a hybrid workspace, implementing Zero Trust security has become an imperative across all sectors, both public and private. During this time of unprecedented change, Microsoft Security is committed to helping you be fearless in pursuing your vision for growth and success. Because an effective Zero Trust approach needs to operate holistically across your complex digital estate, Microsoft Security solutions function as a unified whole to protect your people, data, and business. We’re uniquely positioned to simplify …
Last reply by AWS, -
-
‘Ice phishing’ on the blockchain
by Guest Microsoft 365 Defender Threat Intelligence Team- 0 replies
- 1 view
The technologies that connect us are continually advancing, and while this brings tremendous new capabilities to users, it also opens new attack surfaces for adversaries and abusers. Social engineering represents a class of threats that has extended to virtually every technology that enables human connection. Our recent analysis of a phishing attack connected to the blockchain reaffirms the durability of these threats as well as the need for security fundamentals to be built into related future systems and frameworks. Credential phishing haunts our customers day in and day out in the web2 world, which is the version of the internet that most of us are familiar with and…
-
Researcher Spotlight: Cyber Viking Nate Warfield is Here to Help
by Guest Stephanie Calabrese- 0 replies
- 1 view
“There are few jobs where I can say, I make two billion people more secure on the internet every single day.” Childhood Look: Goth kid, all in black Current Look: Cyber Viking Childhood hobby: Head banging to Metallica, Marilyn Manson, and Guns N’ Roses Current hobby: n0x08 DJ’s Live events around the world. Check him … Researcher Spotlight: Cyber Viking Nate Warfield is Here to Help Read More » Continue reading...
-
-
- FPCH Admin
- 0 replies
- 0 views
“There are few jobs where I can say, I make two billion people more secure on the internet every single day.” Childhood Look: Goth kid, all in black Current Look: Cyber Viking Childhood hobby: Head banging to Metallica, Marilyn Manson, and Guns N’ Roses Current hobby: n0x08 DJ’s Live events around the world.
Last reply by Cloaked, -
-
What’s Next in Security from Microsoft
by Guest Pooja Parab- 0 replies
- 1 view
One of the biggest challenges in security today is complexity. Not only is there an ever-growing number of threats, but many organizations are defending their companies with a patchwork of security solutions that don’t work well together. This piecemeal approach is costly, less secure, and hinders growth. Stay two steps ahead with the latest security innovations On February 24, 2022, at the What’s Next in Security from Microsoft digital event, you’ll learn how a comprehensive approach to security will give you the confidence to take appropriate business risks that move your company forward. At this event, Vasu Jakkal, Microsoft Corporate Vice President of Security…
-
Cybersecurity threats are always changing—staying on top of them is vital, getting ahead of them is paramount
by Guest Pooja Parab- 0 replies
- 1 view
With a 1,070 percent increase in ransomware attacks year-over-year between July 2020 and June 2021, staying on top of attack trends—such as ransomware and supply chain threats—is more important than ever.1 To successfully detect and defend against security threats, we need to come together as a community and share our expertise, research, intelligence, and insights. Microsoft Security Insider is a site for business leaders focused on cybersecurity to get the latest news, insights, threat intelligence, and perspectives on top-of-mind topics in cybersecurity. As we analyze over 24 trillion threat signals daily and engage with hundreds of thousands of customers, our objec…
-
-
- FPCH Admin
- 0 replies
- 278 views
New year, new features. Since Microsoft Ignite in November, we’ve continued to listen to your feedback and make investments in Windows 365 to meet your needs. This month, we’re excited to release two top requested features into Public Preview in Windows 365 Enterprise: Azure AD Join Windows 365 Cloud PC support – This has been by far the most requested feature since Windows 365 reached general availability. With Azure AD Join as a Cloud PC join type option, you no longer need an existing Azure infrastructure to use the service, just your Azure AD users. Localized first-run experience – This has been another huge feature request from organizations around the world. Wi…
Last reply by AWS, -
-
Detect active network reconnaissance with Microsoft Defender for Endpoint
by Guest Pooja Parab- 0 replies
- 1 view
The Microsoft Compromise Recovery Security Practice has observed how the security industry has evolved over the last few years as consumers, businesses, and industry professionals continue to adapt to the changing landscape. We have seen the emergence of new frameworks, such as the Cybersecurity Framework by the National Institute of Standards and Technology (NIST), which can empower us to build scalable programs and accelerate the transition to a Zero Trust workplace. We have also witnessed the rise and prominence of human-operated ransomware, which continues to subvert traditional security defenses and assert control over our information assets.1 Many of our customer…
-
Disabling the MSIX ms-appinstaller protocol handler
by Guest Dian Hartono- 0 replies
- 0 views
We were recently notified that the ms-appinstaller protocol for MSIX can be used in a malicious way. Specifically, an attacker could spoof App Installer to install a package that the user did not intend to install. This spoofing vulnerability is being tracked by the Microsoft Security Resource Center (MSRC) and details on the current status can be found in CVE-2021-43890. We are actively working to address this vulnerability. For now, we have disabled the ms-appinstaller scheme (protocol). This means that App Installer will not be able to install an app directly from a web server. Instead, users will need to first download the app to their device, and then install the …
-
ACTINIUM targets Ukrainian organizations
by Guest Microsoft 365 Defender Threat Intelligence Team- 0 replies
- 0 views
The Microsoft Threat Intelligence Center (MSTIC) is sharing information on a threat group named ACTINIUM, which has been operational for almost a decade and has consistently pursued access to organizations in Ukraine or entities related to Ukrainian affairs. MSTIC previously tracked ACTINIUM activity as DEV-0157, and this group is also referred to publicly as Gamaredon. In the last six months, MSTIC has observed ACTINIUM targeting organizations in Ukraine spanning government, military, non-government organizations (NGO), judiciary, law enforcement, and non-profit, with the primary intent of exfiltrating sensitive information, maintaining access, and using acquired acce…
-
Cyber Signals: Defending against cyber threats with the latest research, insights, and trends
by Guest Emma Jones- 0 replies
- 1 view
We’re excited to introduce Cyber Signals, a cyber threat intelligence brief informed by the latest Microsoft threat data and research. This content, which will be released quarterly, offers an expert perspective into the current threat landscape, discussing trending tactics, techniques, and strategies used by the world’s most prolific threat actors. As such, we hope it’s a valuable resource to Chief Information Security Officers, Chief Information Officers, Chief Privacy Officers, and their teams, as they continue to evolve technologies, policies, and processes against the constantly changing threat landscape. At Microsoft, we believe that security is a team sport and tha…
-
-
- FPCH Admin
- 0 replies
- 355 views
Our discovery and analysis of a sophisticated Mac trojan in October exposed a year-long evolution of a malware family—and depicts the rising complexity of threats across platforms. The trojan, tracked as UpdateAgent, started as a relatively basic information-stealer but was observed distributing secondary payloads in the latest campaign, a capability that it added in one of its multiple iterations. Reminiscent of the progression of info-stealing trojans in other platforms, UpdateAgent may similarly become a vector for other threats to infiltrate target systems. Since its first appearance in September 2020, the malware displayed an increasing progression of sophisticate…
Last reply by AWS, -
-
Catch new episodes of Unpacking Endpoint Management in 2022
by Guest Steve Thomas (GLADIATOR)- 0 replies
- 0 views
Last March, my colleague Danny Guillory and I embarked on an idea based on your feedback—a targeted and interactive web series focused on "real talk" around unified endpoint management. We wanted it to be open to everyone and reasonably transparent. We wanted to foster a live community event where we could not only bring on guests from Microsoft engineering teams, but also (more importantly) engage with you directly through live Q&A! So far, the level of engagement has been amazing. You've asked questions and we've tried our best to provide answers or find answers when we couldn't. We've been listening to your feedback (really appreciate it!) and taking your ideas …
-
Congratulations to the Top MSRC 2021 Q4 Security Researchers!
by Guest Lynn Miyashita- 0 replies
- 0 views
Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2021 Q4 Security Researcher Leaderboard are: rezer0dai (780 points), Callum Carney (750 points), and wtm (615 points)! In addition to our regular leaderboard, we … Congratulations to the Top MSRC 2021 Q4 Security Researchers! Read More » Continue reading...
-
Expanding the Microsoft Researcher Recognition Program
by Guest Lynn Miyashita- 0 replies
- 0 views
The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are expanding the program to recognize more security researchers in more ways for their contributions to protecting customers, and we published the first new leaderboard … Expanding the Microsoft Researcher Recognition Program Read More » Continue reading...
-
-
- FPCH Admin
- 0 replies
- 0 views
The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are expanding the program to recognize more security researchers in more ways for their contributions to protecting customers, and we published the first new leaderboard on our program page.
Last reply by Cloaked, -
-
-
- FPCH Admin
- 0 replies
- 0 views
Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2021 Q4 Security Researcher Leaderboard are: rezer0dai (780 points) , Callum Carney (750 points) , and wtm (615 points) !
Last reply by Cloaked, -
-
Gartner® names Microsoft a Leader in the 2022 Magic Quadrant™ for Enterprise Information Archiving
by Guest Emma Jones- 0 replies
- 0 views
With data doubling every two years, it is more critical than ever to have simple and integrated tools to understand and manage risks to an organization. As more people work remotely, users collaborate and store data in different locations. These secular trends offer new possibilities in how work gets done—but also expose an organization to new and expanded risks: increased exposure to data breaches, costs associated with finding relevant data quickly, and meeting compliance requirements. These trends and challenges emphasize the need for a comprehensive enterprise information archiving (EIA) solution that can balance risk and productivity across multiple clouds and system…
-
Build a privacy-resilient workplace with Microsoft Priva
by Guest Pooja Parab- 0 replies
- 0 views
Today, we celebrate international Data Privacy Day. This day reminds us of the importance of respecting privacy, safeguarding data, and enabling trust. However, annual reminders are insufficient to drive material change, which can be seen in the effectiveness rates of one-off trainings. According to the forgetting curve theory, employees forget about 75 percent of training after just six days.1 Imagine the lack of knowledge retention for employees of organizations that only do annual privacy training. To help you with this challenge, we are excited to re-emphasize our commitment to helping organizations build a privacy-resilient workplace with Microsoft Priva, which…
-
-
- FPCH Admin
- 0 replies
- 342 views
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. To improve an organization’s cybersecurity readiness, you need to test that your detection and prevention technologies work as intended and that your security program is performing as best it can. Research from a Poneman Institute survey found that amongst over 500 information technology and security leaders across sectors, 53 percent said they were uncertain about the effectiveness and performance of their cybersecurity capabilities.1 The reason? Even the most advanced security controls fail due to human error and configuration drift, and when they do, th…
Last reply by AWS, -
-
Discover 3 ways to take a holistic approach to data protection
by Guest Pooja Parab- 0 replies
- 0 views
The risk landscape for organizations has changed significantly in the past few years. Traditional ways of identifying and mitigating risks simply don’t work. While traditionally, organizations have focused on external threats, risks from within the organization are just as prevalent and harmful. These risks include unprotected and ungoverned data, insiders doing or saying things they shouldn’t, as well as ever-changing regulations. Also, with more than 300 million people working remotely, data is being created, accessed, shared, and stored outside of the traditional borders of business. Enterprises need to quickly move to a more holistic approach to data protection and re…
-
-
- FPCH Admin
- 0 replies
- 7.4k views
Microsoft has invested significant effort into understanding why Windows devices are not always fully up to date. One of the most impactful things we explored was how much time a device needs to be powered on and connected to Windows Update to be able to successfully install quality and feature updates. What we found is that devices that don’t meet a certain amount of connected time are very unlikely to successfully update. Specifically, data shows that devices need a minimum of two continuous connected hours, and six total connected hours after an update is released to reliably update. This allows for a successful download and background installations that are able to re…
Last reply by AWS, -
-
Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA
by AWS-
- FPCH Admin
- 0 replies
- 263 views
We have recently uncovered a large-scale, multi-phase campaign that adds a novel technique to traditional phishing tactics by joining an attacker-operated device to an organization’s network to further propagate the campaign. We observed that the second stage of the campaign was successful against victims that did not implement multifactor authentication (MFA), an essential pillar of identity security. Without additional protective measures such as MFA, the attack takes advantage of the concept of bring-your-own-device (BYOD) via the ability to register a device using freshly stolen credentials. The first campaign phase involved stealing credentials in target organizat…
Last reply by AWS, -
-
How CISOs are preparing to tackle 2022
by Guest Pooja Parab- 0 replies
- 1 view
Looking back over the last year, the security landscape has continued to experience significant change and escalation. Every day, we see the toll this is taking on organizations of all sizes as they navigate the enduring challenges of the pandemic, the expansion of the digital estate, and the evolution of threats. As defenders ourselves, we understand the relentless commitment required to safeguard people and organizations in this environment. It is our mission to ensure security leaders have the tools and resources they need to succeed in this important work. To continually understand the priorities and concerns of our community, we run research with security leaders eve…
-
-
- FPCH Admin
- 0 replies
- 253 views
20 years ago this week, Bill Gates sent a now-famous email to all Microsoft employees announcing the creation of the Trustworthy Computing (TwC) initiative. The initiative was intended to put customer security, and ultimately customer trust, at the forefront for all Microsoft employees. Gates’ memo called upon teams to deliver products that are “as available, reliable and secure as standard services such as electricity, water services, and telephony.” Protecting customers is core to Microsoft’s mission. With more than 8,500 Microsoft security experts from across 77 countries, dedicated red and blue teams, 24/7 security operations centers, and thousands of partners acro…
Last reply by AWS, -