Microsoft Support & Discussions
Free PC Help Forum: Microsoft products support and discussions. If you need help with Microsoft Windows, Windows Server software, Microsoft 365, Microsoft Azure or any other Microsoft product, you can post here. If you want to discuss Microsoft and its line of products, you can do that here also.
-
5 identity priorities for 2021—strengthening security for the hybrid work era and beyond
by Guest Lauren Goodwin
When I outlined the five identity priorities for 2020, the world was a very different place. Since then, the COVID-19 pandemic has forever changed how organizations run their businesses. It’s also changed the way we work, learn, and collaborate. What hasn’t changed is the critical role identity plays in helping organizations to be secure and productive. Yesterday, we shared the progress we’ve made with our integrated security, compliance, identity, and management solutions. Identity alone has grown at an unprecedented pace—from 300 million monthly active users (MAU) in March 2020 to 425 million today. Organizations around the world have accelerated the adoption of secu…
-
The state of apps by Microsoft identity: Azure AD app gallery apps that made the most impact in 2020
by Guest Teri Seals-Dormer
2020 was an unprecedented year, to say the least. The COVID-19 global pandemic drastically changed how we work, learn, and collaborate. Organizations had to find new ways to connect and maintain productivity while providing secure access to critical apps and resources. Our own Microsoft services, like Teams, served as the lifeline for remote and hybrid work and learning during the pandemic—growing rapidly from 44 million daily active users in March 2020 to 115 million daily active users this past October. But we know that businesses need many tools and apps to succeed, and our commitment is to ensure that solutions work seamlessly and securely across platforms and extend …
-
Announcing the general availability of Azure Defender for IoT
by Guest Teri Seals-Dormer
As businesses increasingly rely on connected devices to optimize their operations, the number of IoT and Operational Technology (OT) endpoints is growing dramatically—industry analysts have estimated that CISOs will soon be responsible for an attack surface multiple times larger than just a few years ago. Today we are announcing that Azure Defender for IoT is now generally available. Defender for IoT adds a critical layer of security for this expanding endpoint ecosystem. In contrast to user devices (laptops and phones) and server infrastructure, many IoT and OT devices do not support the installation of agents and are currently unmanaged and therefore invisible to …
-
Protecting multi-cloud environments with Azure Security Center
by Guest Teri Seals-Dormer
We’ve heard from many of you that multi-cloud adoption is becoming a standard operating model for your organization and that it’s challenging to have the right security controls and posture across your environment. Historically, security teams have not had effective tools to secure multi-cloud infrastructure, and often they needed to address the problem by adding more people. This is why in September we introduced multi-cloud security support in public preview, and today we are excited to announce the general availability of these capabilities. Now you can onboard multi-cloud resources to Azure Security Center, such as Google Cloud Platform (GCP) and Amazon Web Service…
-
Microsoft surpasses $10 billion in security business revenue, more than 40 percent year-over-year growth
by Guest Jenny Erie
I joined Microsoft a little more than six months ago—amid a global pandemic and a new norm of remote work, as well as one of the most rapidly evolving threat landscapes in history. We’ve witnessed more sophisticated attacks, like the recent SolarWinds incident, as well as an increase in attack surfaces as devices and online experiences have become more central to the way we work, learn, and live. In solving these complex challenges alongside our customers and partners, Microsoft takes cybersecurity out of a place of fear and makes it about innovation and empowerment. Every single day, I am inspired by the team here, by their great wisdom, resilience, expertise, and by …
-
How companies are securing devices with Zero Trust practices
by Guest Teri Seals-Dormer
Organizations are seeing a substantial increase in the diversity of devices accessing their networks. With employees using personal devices and accessing corporate resources from new locations in record numbers, IT leaders are seeing an increase in their attack surface area. They’re turning to Zero Trust security models to ensure they have the visibility they need, and their data is protected as it’s accessed from outside the corporate network using a wider variety of devices. We surveyed IT leaders around the world to determine how they’re using Zero Trust practices to protect their devices and enable access to the corporate network from unsecured devices. More…
-
Identity governance: The power of “Why not?”
by Guest Teri Seals-Dormer
Innovation requires the courage to take risks and the leadership skills to show others that risks are worth taking. That’s why I love working with people like Joe Dadzie, a partner group program manager in identity governance. Joe has a long history of championing disruptive technology breakthroughs and delivering for our customers. He’s never shied away from pushing boundaries or breaking free from “the way we’ve always done things” to build better solutions. By his example, he inspires fearlessness in his team and in those he mentors. Joe’s achievements remind all of us in identity that when we focus on the needs of our customers, everyone wins. I hope you enjoy his rem…
-
Blue Cedar partners with Microsoft to combat BYOD issues
by Guest Teri Seals-Dormer
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Bring Your Own Device (BYOD) has been a divisive topic within corporations for years. Employees wanted the convenience of working on their own smart devices, and business decision-makers recognized the cost and productivity benefits. IT teams knew unmanaged devices would result in more work and security holes. As you know, the business side won out. The line-of-business (LOB) mobile app market exploded, and BYOD became the rule rather than the exception. Today, corporate IT teams manage hundreds of mobile LOBs ranging from apps developed in house to…
-
The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 2
by Guest Lauren Goodwin
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the first post of our new Voice of the Community blog series, Microsoft Product Marketing Manager Natalia Godyla talks with Jake Williams, Founder of Rendition InfoSec. In part two of this blog, Jake shares his best practices on how to structure and evolve red and blue teaming within your organization. What are best practices for organizations maturing their blue team? First and foremost, go in and look at the event logs and turn on all of the logging that you think will be useful. I work with blue teams today up and down th…
-
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop
by Guest Eric Avena
More than a month into the discovery of Solorigate, investigations continue to unearth new details that prove it is one of the most sophisticated and protracted intrusion attacks of the decade. Our continued analysis of threat data shows that the attackers behind Solorigate are skilled campaign operators who carefully planned and executed the attack, remaining elusive while maintaining persistence. These attackers appear to be knowledgeable about operations security and performing malicious activity with minimal footprint. In this blog, we’ll share new information to help better understand how the attack transpired. Our goal is to continue empowering the defender communit…
-
Common policy configuration mistakes for managing Windows updates
by Guest Aria Carley
Misconfigured policies can prevent devices from updating and negatively affect monthly patch compliance. Explore common policy configuration mistakes that can hinder update adoption and result in a poor experience for your end users—and get guidance on how to review your Windows update policies to confirm your devices are configured correctly. Alternatively, you can leverage the Update Baseline tool to automatically apply the recommended set of Windows Update policies to your devices. Set deadlines (with a grace period) One of the most powerful resources that IT admins can use to support patch compliance is setting deadlines. A deadline is the number of days befor…
-
Using Zero Trust principles to protect against sophisticated attacks like Solorigate
by Guest Lauren Goodwin
The Solorigate supply chain attack has captured the focus of the world over the last month. This attack was simultaneously sophisticated and ordinary. The actor demonstrated sophistication in the breadth of tactics used to penetrate, expand across, and persist in affected infrastructure, but many of the tactics, techniques, and procedures (TTPs) were individually ordinary. Companies operating with a Zero Trust mentality across their entire environment are more resilient, consistent, and responsive to new attacks—Solorigate is no different. As threats increase in sophistication, Zero Trust matters more than ever, but gaps in the application of the principles—such as unp…
-
How IT leaders are securing identities with Zero Trust
by Guest Teri Seals-Dormer
The past twelve months have been a remarkable time of digital transformation as organizations, and especially digital security teams, adapt to working remotely and shifting business operations. IT leaders everywhere turned to Zero Trust approaches to alleviate the challenges of enabling and securing remote work. Using Zero Trust to secure users, data, and devices (wherever they may be) has changed from optional to a business imperative overnight. In this short report, we surveyed IT leaders around the world to determine how they’re implementing Zero Trust practices to protect their identities and ensure their employees have secure access to resources. Most IT leade…
-
Netlogon Domain Controller Enforcement Mode is enabled by default beginning with the February 9, 2021 Security Update, related to CVE-2020-1472
by Guest Aanchal Gupta
Microsoft addressed a Critical RCE vulnerability affecting the Netlogon protocol (CVE-2020-1472) on August 11, 2020. We are reminding our customers that beginning with the February 9, 2021 Security Update release we will be enabling Domain Controller enforcement mode by default. This will block vulnerable connections from non-compliant devices. DC enforcement mode requires that all Windows and non-Windows devices use secure RPC with Netlogon secure channel unless customers have explicitly allowed the account to be vulnerable by adding an exception for the …
-
Simplify compliance and manage risk with Microsoft Compliance Manager
by Guest Lauren Goodwin
The cost of non-compliance is more than twice that of compliance costs. Non-compliance with the ever-increasing and changing regulatory requirements can have a significant impact on your organization’s brand, reputation, and revenue. According to a study by the Ponemon Institute and Globalscape, being compliant will cost you less compared to business disruptions, loss of revenue, and hefty fines. Data explosion and regulatory environment As organizations go through digital transformation, they are generating and consuming much more data than in the past to help them gain an edge over their competitors. This data is necessary to continue to stay relevant by empower…
-
Top MSRC 2020 Q4 Security Researchers – Congratulations!
by Guest Lynn Miyashita
We’re excited to announce the top contributing researchers for the 2020 Fourth Quarter (Q4)! Congratulations to all of the researchers who made this quarter’s leaderboard and a huge thank you to everyone who continues to help secure our customers and the ecosystem. The top three researchers of the 2020 Q4 Security Researcher Leaderboard are: Cameron …
-
Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender
by Guest Eric Avena
Even as investigations into the sophisticated attack known as Solorigate are still underway, details and insights about the tools, patterns, and methods used by the attackers point to steps that organizations can take to improve their defenses against similar attacks. Solorigate is a cross-domain compromise—comprehensive visibility and coordinated defense are critical in responding to the attack. The same unified end-to-end protection is key to increasing resilience and preventing such attacks. This blog is a guide for security administrators using Microsoft 365 Defender and Azure Defender to identify and implement security configuration and posture improvements that h…
-
-
- FPCH Admin
We’re excited to announce the top contributing researchers for the 2020 Fourth Quarter (Q4)! Congratulations to all of the researchers who made this quarter’s leaderboard and a huge thank you to everyone who continues to help secure our customers and the ecosystem. The top three researchers of the 2020 Q4 Security Researcher Leaderboard are: Cameron Vincent (2065 points), Yuki Chen (1535 points), and Suresh C (862 points).
-
Microsoft addressed a Critical RCE vulnerability affecting the Netlogon protocol (CVE-2020-1472) on August 11, 2020. We are reminding our customers that beginning with the February 9, 2021 Security Update release we will be enabling Domain Controller enforcement mode by default. This will block vulnerable connections from non-compliant devices. DC enforcement mode requires that all Windows and non-Windows devices use secure RPC with Netlogon secure channel unless customers have explicitly allowed the account to be vulnerable by adding an exception for the non-compliant device.
Security Update Guide Supports CVEs Assigned by Industry Partners
by Guest MSRC Team
Hi Folks, This month we are introducing a new data element for each CVE in the Security Update Guide, called Assigning CNA. First let me back up a bit and give some information about the CVE program. The purpose of a CVE is to uniquely identify a cybersecurity vulnerability. The CVE program was started back …
-
Azure Active Directory empowers frontline workers with simplified and secure access
by Guest Teri Seals-Dormer
Howdy folks, The past year has shown us all just how critical frontline workers are to our communities and our economy. They’re the people behind the counter, in the call centers, in hospital ICUs, on the supermarket floor—doing the critical work that makes the difference in feeding our families, caring for the sick, and driving the long-tail economy. Frontline workers account for over 80 percent of the global workforce—two billion people worldwide. Yet because of high scale, rapid turnover, and fragmented processes, frontline workers often lack the tools to make their demanding jobs a little easier. We believe identity is at the center of digital transformation and…
-
-
- FPCH Admin
Hi Folks, This month we are introducing a new data element for each CVE in the Security Update Guide, called Assigning CNA. First let me back up a bit and give some information about the CVE program. The purpose of a CVE is to uniquely identify a cybersecurity vulnerability. The CVE program was started back in 1999 and is funded by the US federal government, currently out of the Cybersecurity and Infrastructure Security Agency (CISA).
-
Scan changes and certificates add security for Windows devices using WSUS for updates
by Guest Aria Carley
To help prevent man-in-the-middle attacks, the January 2021 cumulative update for Windows 10 further improves security for devices that scan Windows Server Update Services (WSUS) for updates. These improvements build on the security changes for Windows devices scanning WSUS we introduced on September 8, 2020 and can be combined with certificate pinning for greater security. I'll now explain these changes in more detail. Scanning behavior changes For devices scanning HTTPS-configured WSUS servers For those using proxies, we have switched to using system proxy first, rather than user proxy. This ensures that we are first trying the most secure proxy path if a pro…
-
Building Faster AMD64 Memset Routines
by Guest Joe Bialek
Over the past several years, Microsoft has rolled out several changes that result in more memory being zeroed. These mitigations include: the InitAll mitigation, which zeros most stack variables; and switching most Microsoft kernel code over to the ExAllocatePool2/ExAllocatePool3 APIs, which zero memory by default. Where possible the compiler will unroll calls to memset. This means …
-
New Surface PCs enable virtualization-based security (VBS) by default to empower customers to do more, securely
by Guest Eric Avena
VBS and HVCI-enabled devices help protect from advanced attacks Escalation of privilege attacks are a malicious actor’s best friend, and they often target sensitive information stored in memory. These kinds of attacks can turn a minor user mode compromise into a full compromise of your OS and device. To combat these kinds of attacks, Microsoft developed virtualization-based security (VBS) and Hypervisor-protected code integrity (HVCI, also commonly referred to as memory integrity). VBS and HVCI use the power of hardware capabilities like virtualization to provide better protection against common and sophisticated malware by performing sensitive security operations in…