Microsoft Support & Discussions
Free PC Help Forum microsoft products support and discussions. If you need help with Microsoft Windows, Windows Server software, Microsoft 365, Microsoft Azure or any other Microsoft product you can post here. If you want to discuss Microsoft and their line of products you can do that here also.
84,928 topics in this forum
-
Practical tips on how to use application security testing and testing standards
by Guest Emma Jones- 0 replies
- 0 views
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Daniel Cuthbert, Global Head of Security Research at Banco Santander. Daniel discusses how to use application security testing and testing standards to improve security. Natalia: What is an application security test and what does it entail? Daniel: Let’s say I have a traditional legacy banking application. Users can sign in using their web browser to gain access to financial details or funds, move money around, and…
-
Windows 11 offers chip to cloud protection to meet the new security challenges of hybrid work
by Guest Emma Jones- 0 replies
- 0 views
As the world has changed over the past 18-months, companies have been wrestling with ways to keep employees and data protected as they support new ways of hybrid working. We built Windows 11 to be the most secure Windows yet with built-in chip to cloud protection that ensures company assets stay secure no matter where work happens. The threat intelligence journey to build in protection The expansion of both remote and hybrid workplaces brings new opportunities to organizations. But the expansion of access, increased number of endpoints, and desire for employees to work from anywhere on any device has also introduced new threats and risks. In 2020, Microsoft pro…
-
Windows 365 Enterprise now supports Windows 11
by Guest Christiaan_Brinkhoff- 0 replies
- 0 views
Windows 365 Enterprise supports Windows 11 for all newly provisioned Cloud PCs in available regions beginning October 5, 2021. Windows 365 makes it easier for businesses to use Windows 11 on any device, anywhere. Here is everything you need to know about Windows 365 support for Windows 11. A new OS, a new personalized end user experience Windows 11 is the operating system for hybrid work, delivering new experiences that work how you work, is secure by design, and easy and familiar for IT to deploy and manage. Beginning October 5, 2021, when you provision Cloud PCs, you can select Windows 11 or Windows 10 as the desired operating system (OS). Cloud PC sizing and…
-
Tools to support Windows 11 deployment
by Guest Heather Poulsen- 0 replies
- 0 views
With Windows 11 generally available, you can now begin to upgrade eligible Windows 10 devices in your organization and empower your end users with signature experiences tuned for hybrid work. This post summarizes the resources available to help you plan for and deploy Windows 11, including: Deployment and management tools for Windows 11 Assessing device readiness across your estate Windows 11 application compatibility support Windows 11 technical documentation Evaluating Windows 11 Windows 11 general availability explained General availability means that Windows 11 is now available through familiar channels including Windows Server Update Services (WSUS) a…
-
Getting started with Power Automate for desktop in Windows 11
by Guest John_Anastasopoulos- 0 replies
- 0 views
Power Automate is available from the Start menu in Windows 11. Today, Windows 11 became generally available, and with this release we are excited to announce that Microsoft Power Automate is now built-in with Windows 11. In case you missed the Power Automate blog post, read about the availability of robotic process automation (RPA) in Windows 11. Keep reading to learn more about recent updates that we have made in Power Automate to offer more flexibility with automations, pre-requirements for getting started, management and control updates for automations and more. Power Automate for desktop in Windows 11 Power Automate for desktop, previously called Power A…
-
#BeCyberSmart: When we learn together, we’re more secure together
by Guest Emma Jones- 0 replies
- 0 views
2021 has been a watershed year in cybersecurity. The pandemic continued to bring new challenges as attackers took advantage of overstretched security teams to unleash new human-operated ransomware1, malware, and nation-state attacks like those against Colonial Pipeline2 and JBS Food3. With the move toward hybrid and remote work, security professionals have found themselves with more endpoints to manage and secure. Meanwhile, threat actors are exploiting gaps anywhere they can. Practicing basic cyber hygiene—applying security patches and updating software and apps—is a simple way to empower your organization. October is Cybersecurity Awareness Month, and this year Cyber…
-
3 key resources to accelerate your passwordless journey
by Guest Emma Jones- 0 replies
- 0 views
Every organization today faces password-related challenges—phishing campaigns, productivity loss, and password management costs to name just a few. The risks now outweigh the benefits when it comes to passwords. Even the strongest passwords are easily phish-able and vulnerable to attacks, such as password spray and credential stuffing. People don’t like them either—a third of people surveyed say they’d rather abandon a website than reset their password. “I don’t have any more passwords left in me,” is becoming an all-too-common feeling. It’s time to look at password alternatives that are both highly secure and convenient. Here’s a few key resources that can help you as yo…
-
Defend against zero-day exploits with Microsoft Defender Application Guard
by Guest Emma Jones- 0 replies
- 0 views
Zero-day security vulnerabilities—known to hackers, but unknown to software creators, security researchers, and the public—are like gold to attackers. With zero-days, or even zero-hours, developers have no time to patch the code, giving hackers enough access and time to explore and map internal networks, exfiltrate valuable data, and find other attack vectors. Zero-days has become a great profit engine for hackers due to the imperil it poses to the public, organizations, and government. These vulnerabilities are often sold on the dark web for thousands of dollars, fueling nation-state and ransomware attacks and making the cybercrime business even more appealing and pro…
-
How nation-state attackers like NOBELIUM are changing cybersecurity
by Guest Emma Jones- 0 replies
- 1 view
This is the first post in a four-part series on the NOBELIUM nation-state cyberattack. Microsoft started telling the industry about this extremely advanced cyberattack in December 2020. The NOBELIUM blog series—which mirrors Microsoft’s four-part video series “Decoding NOBELIUM”—will pull the curtain back on the world of threat detection and showcase insights from cybersecurity professionals on the front lines, both Microsoft defenders and other industry experts. In many ways, the NOBELIUM nation-state cyberattack realized the deepest fears of United States cybersecurity experts, according to Microsoft 365 Security Corporate Vice President Rob Lefferts. It was a supply…
-
A simpler, more integrated approach to data governance
by Guest Emma Jones- 0 replies
- 0 views
It’s no secret that the volume of data created by organizations and people multiplies daily. And, in the digital—and hybrid work—world we live in, that data is spread across more tools, platforms, devices, and clouds than ever before, creating regulatory challenges and security risks. Organizations must understand what data they have and where it lives, how it is used, and critically, how it’s all governed. How an organization stores its data and how long it is kept is not just a regulatory compliance issue, but also a security issue. Today, I’m excited to share the general availability of Microsoft Azure Purview, giving organizations that holistic understanding of …
-
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor
by Guest Eric Avena- 0 replies
- 0 views
Microsoft continues to work with partners and customers to track and expand our knowledge of the threat actor we refer to as NOBELIUM, the actor behind the SUNBURST backdoor, TEARDROP malware, and related components. As we stated before, we suspect that NOBELIUM can draw from significant operational resources often showcased in their campaigns, including custom-built malware and tools. In March 2021, we profiled NOBELIUM’s GoldMax, GoldFinder, and Sibot malware, which it uses for layered persistence. We then followed that up with another post in May, when we analyzed the actor’s early-stage toolset comprising EnvyScout, BoomBox, NativeZone, and VaporRage. This blog is …
-
A guide to combatting human-operated ransomware: Part 2
by Guest Emma Jones- 0 replies
- 0 views
This blog is part two of a two-part series focused on how Microsoft DART helps customers with human-operated ransomware. For more guidance on human-operated ransomware and how to defend against these extortion-based attacks, refer to our human-operated ransomware docs page. In part one of this blog series, we described the process and execution used in our customer engagements to provide perspective on the unique issues and challenges regarding human-operated ransomware. We also explained how Microsoft’s Detection and Response Team (DART) leverages Microsoft solutions to help combat this threat. In this post, we will tackle the risks of human-operated ransomware and de…
-
3 trends shaping identity as the center of modern security
by Guest Emma Jones- 0 replies
- 0 views
I recently returned from Kenya, where I visited our Microsoft Nairobi development center. Like many of you, I’ve mostly worked from home for the past year and more, so it was refreshing to meet members of our global team and inspiring to feel their passion for our mission: delivering identity solutions that secure access to everything for everyone. This mission has never been more important, given that identity has become the focal point of our digital society. Identity enabled us to rapidly shift to remote models when the pandemic first hit, and identity will help sustain the trend toward more permanent remote and hybrid models moving forward. But other emerging trend…
-
-
- FPCH Admin
- 0 replies
- 281 views
In researching phishing attacks, we came across a campaign that used a rather high volume of newly created and unique subdomains—over 300,000 in a single run. This investigation led us down a rabbit hole as we unearthed one of the operations that enabled the campaign: a large-scale phishing-as-a-service operation called BulletProofLink, which sells phishing kits, email templates, hosting, and automated services at a relatively low cost. With over 100 available phishing templates that mimic known brands and services, the BulletProofLink operation is responsible for many of the phishing campaigns that impact enterprises today. BulletProofLink (also referred to as BulletP…
Last reply by AWS, -
-
-
- FPCH Admin
- 0 replies
- 266 views
This blog is part one of a two-part series focused on how Microsoft DART helps customers with human-operated ransomware. For more guidance on human-operated ransomware and how to defend against these extortion-based attacks, refer to our human-operated ransomware docs page. Microsoft’s Detection and Response Team (DART) has helped customers of all sizes, across many industries and regions, investigate and remediate human-operated ransomware for over five years. This blog aims to explain the process and execution used in our customer engagements to provide perspective on the unique issues and challenges regarding human-operated ransomware. We will also discuss how DART …
Last reply by AWS, -
-
Additional Guidance Regarding OMI Vulnerabilities within Azure VM Management Extensions
by Guest MSRC Team- 0 replies
- 0 views
On September 14, 2021, Microsoft released fixes for three Elevation of Privilege (EoP) vulnerabilities and one unauthenticated Remote Code Execution (RCE) vulnerability in the Open Management Infrastructure (OMI) framework: CVE-2021-38645, CVE-2021-38649, CVE-2021-38648, and CVE-2021-38647, respectively. Open Management Infrastructure (OMI) is an open-source Web-Based Enterprise Management (WBEM) implementation for managing Linux and UNIX systems. Several Azure Virtual Machine (VM) management extensions use this framework to … Additional Guidance Regarding OMI Vulnerabilities within Azure VM Management Extensions Read More » Continue reading...
-
Update to language imaging in Windows 11
by Guest Rittwika_Rudra- 0 replies
- 1 view
Beginning with Windows 10, version 2004, cumulative updates have regularly included user-facing feature improvements. For a subset of languages, this can result in unexpected language fallback: text for updated features may be shown in an unexpected language until the system updates the corresponding Local Experience Pack (LXP). To address this, we are adjusting the language options we offer for device imaging. Until now, OEMs and businesses were offered two language packaging options for device imaging: Component-Based Servicing lp.cab files and Local Experience Pack .appx files. The 38 fully-localized Language Pack (LP) languages were available as both lp.cab and .ap…
-
-
- FPCH Admin
- 0 replies
- 1 view
Last updated on October 5, 2021: See revision history located at the end of the post for changes. On September 14, 2021, Microsoft released fixes for three Elevation of Privilege (EoP) vulnerabilities and one unauthenticated Remote Code Execution (RCE) vulnerability in the Open Management Infrastructure (OMI) framework: CVE-2021-38645, CVE-2021-38649, CVE-2021-38648, and CVE-2021-38647, respectively.
Last reply by Cloaked, -
-
-
- FPCH Admin
- 0 replies
- 285 views
In August, Microsoft Threat Intelligence Center (MSTIC) identified a small number of attacks (less than 10) that attempted to exploit a remote code execution vulnerability in MSHTML using specially crafted Microsoft Office documents. These attacks used the vulnerability, tracked as CVE-2021-40444, as part of an initial access campaign that distributed custom Cobalt Strike Beacon loaders. These loaders communicated with an infrastructure that Microsoft associates with multiple cybercriminal campaigns, including human-operated ransomware. The observed attack vector relies on a malicious ActiveX control that could be loaded by the browser rendering engine using a maliciou…
Last reply by AWS, -
-
The passwordless future is here for your Microsoft account
by Guest Emma Jones- 0 replies
- 0 views
Nobody likes passwords. They’re inconvenient. They’re a prime target for attacks. Yet for years they’ve been the most important layer of security for everything in our digital lives—from email to bank accounts, shopping carts to video games. We are expected to create complex and unique passwords, remember them, and change them frequently, but nobody likes doing that either. In a recent Microsoft Twitter poll, one in five people reported they would rather accidentally “reply all”—which can be monumentally embarrassing—than reset a password. But what alternative do we have? For the past couple of years, we’ve been saying that the future is passwordless, and today I…
-
Afternoon Cyber Tea: Learn how to stop misinformation threats from nation-state bad actors
by Guest Emma Jones- 0 replies
- 0 views
Information has long been wielded as an instrument of national power and influence. In today’s digital world, misinformation can also be just as powerful. On a special episode of Afternoon Cyber Tea with Ann Johnson, Sandra Joyce, Executive Vice President and Head of Mandiant Intelligence at FireEye joined me to talk about threat attribution and accountability when it comes to the use of technology by bad actors to help spread misinformation. As a US Air Force Reserve officer and faculty member at the National Intelligence University with four master’s degrees in cyber policy, international affairs, science and technology intelligence, and military operational art a…
-
Combat attacks with security solutions from Trustwave and Microsoft
by Guest Emma Jones- 0 replies
- 1 view
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. In 2021, cyberattacks and instances of ransomware demands against companies, agencies, and institutions have dominated the headlines. These kinds of attacks are on the rise and often have long-reaching impacts that can spill over across supply chains. In just the first half of the year, there have been several high-profile cyberattacks in the United States including Colonial Pipeline1, JBS (the world’s largest meat supplier)2, the Washington, D.C. Police Department3, and the MTA of New York City4, to name a few. The SolarWinds cybersecurity breach5 open…
-
Why diversity is important for a strong cybersecurity team
by Guest Emma Jones- 0 replies
- 0 views
Medicine. Aeronautics. Academia. When you’re a cybersecurity professional, the colleague next to you could have started in one of these industries—or just about any other you can imagine. The backgrounds of cybersecurity professionals are more diverse than those of professionals in other industries. And because cybersecurity as an industry is so new, these professionals likely didn’t study security in school either. That includes LinkedIn’s Chief Information Security Officer (CISO) Geoff Belknap, who graduated college with a business degree. I hosted Geoff on a recent episode of Security Unlocked with Bret Arsenault to talk about strategies for recruiting cybersecurity ta…
-
Coordinated disclosure of vulnerability in Azure Container Instances Service
by Guest MSRC Team- 0 replies
- 0 views
Microsoft recently mitigated a vulnerability reported by a security researcher in the Azure Container Instances (ACI). Our investigation surfaced no unauthorized access to customer data. Out of an abundance of caution we notified customers with containers running on the same clusters as the researchers via Service Health Notifications in the Azure Portal. If you did not receive a notification, no action is required with respect to this vulnerability. Continue reading...
-
-
- FPCH Admin
- 0 replies
- 1 view
Microsoft recently mitigated a vulnerability reported by a security researcher in the Azure Container Instances (ACI) that could potentially allow a user to access other customers’ information in the ACI service. Our investigation surfaced no unauthorized access to customer data. Out of an abundance of caution we notified customers with containers running on the same clusters as the researchers via Service Health Notifications in the Azure Portal.
Last reply by Cloaked, -