Microsoft Support & Discussions

To help you track what's happening at Microsoft Ignite about Windows 365, we're sharing this blog with highlights of new features, sessions, videos, blogs, and more. Let's get started! New Windows 365 features announced at Microsoft Ignite Here's a quick summary of all the new Windows 365 features available today or coming soon. Windows 365 web client improvements Faster load times Higher performance and reliability Local resource settings Alternative keyboards Edit settings in‑session Accessibility improvements Bookmark Cloud PCs Native Azure AD Join support No domain controller required No Azure subscription or virtual network required S…

Securing an organization has never been simple. But over the past year, we’ve seen significant changes in the threat landscape that are having a major impact on organizations of every size in every sector. The frequency and sophistication of cyber events have increased significantly. We see headlines every day now of phishing schemes and ransomware attacks. Organizations and agencies that were once considered “off-limits,” like critical infrastructure or healthcare organizations, are now being targeted by bad actors, adding risk to human life. And with hybrid work here to stay, the attack surface has expanded as personal devices become an essential part of the corporat…

Cybersecurity threats are always evolving, and today we’re seeing a new wave of advanced attacks specifically targeting IoT devices used in enterprise environments as well as operational technology (OT) devices used in industrial systems and critical infrastructure (like ICS/SCADA). It’s not surprising since 60 percent of security practitioners believe IoT and OT security is one of the least secured aspects of their organization and less than 50 percent of organizations have deployed solutions designed specifically to secure their IoT and OT devices. Customers recognize that these types of devices are often unpatched, misconfigured, and unmonitored, making them the ideal …

Microsoft has discovered a vulnerability that could allow an attacker to bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device. We also found a similar technique that could allow an attacker to elevate their privileges to root an affected device. We shared these findings with Apple through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR). A fix for this vulnerability, now identified as CVE-2021-30892, was included in the security updates released by Apple on October 26, 2021. SIP is a security technology in macOS that restricts a root user from performing operations that may comprom…

As we approach the last week of Cybersecurity Awareness Month, I think about what is top of mind for myself and my peers in security. The past year has continued the 2020s major shift in the way organizations operate. Recent data shows that 81 percent of enterprise organizations have begun the move toward a hybrid workplace, with 31 percent of those surveyed already fully adopted. As the public and private sectors continue to enable hybrid work, the attack surface for cyber threats has expanded, and threat actors have been quick to exploit any vulnerabilities. In response, organizations have enforced various security controls to revamp their security postures. For example…

Greetings everyone! In the spirit of the great barnstormers, we've dawned our leather helmets, goggles, scarves, and gloves as we seek to create the very best engineering-focused Windows content for Microsoft Ignite. (Royalty free image courtesy of Unsplash.com (link) Our teams are actively building their ideas and content for their sessions. We continue to focus on what we call the "E2E", or engineer-to-engineer, model, when it comes to content creation. Why? Quite simply, we want to support you—with prescriptive, actionable guidance that will help you and your organizations take the guesswork out of Windows client features, services, and processes. We are co…

Welcome to your guide to all things Windows at Microsoft Ignite, November 2-4, 2021! Short on time? Jump straight to: Core sessions | Interactive experiences | Foundational skills | Depth on demand | Related sessions | Windows Office Hours | Additional resources Windows 11 is designed to support hybrid work, to protect from the chip to the cloud, and to enable you—the IT pro—to provide productive, collaborative experiences for your end users. Whether you are preparing to roll out Windows 11 across your organization or looking for proven tips to help you more easily manage all your Windows devices, we have a lot in store for you at Microsoft Ignite next week! Cli…

Over the past year, the Microsoft Detection and Response Team (DART), along with Microsoft’s threat intelligence teams, have observed an uptick in the use of password sprays as an attack vector. This threat is a moving target with techniques and tools always changing, and Microsoft continues to find new ways to detect these types of attacks and help protect its customers. In this blog, we are going to define what password sprays are, detail DART’s investigation techniques and approach to responding to password spray attacks, and outline our recommendations for protecting against them. Why are identity-based attacks suddenly so popular? Previously, threat actors…

We are excited to announce the launch of Comms Hub to the Researcher Portal submission experience! With this launch, security researchers will be able to streamline communication with MSRC case SPMs (case managers), attach additional files, track case and bug bounty status all in the Researcher Portal. Summary – What is Comms Hub? Comms Hub … We’re Excited to Announce the Launch of Comms Hub! Read More » Continue reading...

Microsoft is proud to promote Cybersecurity Awareness Month as part of our ongoing commitment to security for all. Year-round, Microsoft tracks nation-state threat activities to help protect organizations and individuals from these advanced persistent actors. We’re constantly improving our capabilities to bring better detections, threat context, and actor knowledge to our customers so they can improve their own defenses. To learn more about how Microsoft responds to nation-state attacks and how to defend your organization, watch the Decoding NOBELIUM docuseries. Hear directly from the frontline defenders who helped protect organizations against the most sophisticated atta…

The Microsoft Threat Intelligence Center (MSTIC) has detected nation-state activity associated with the threat actor tracked as NOBELIUM, attempting to gain access to downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations (referred to as “service providers” for the rest of this blog) that have been granted administrative or privileged access by other organizations. The targeted activity has been observed against organizations based in the United States and across Europe since May 2021. MSTIC assesses that NOBELIUM has launched a campaign against these organizations to exploit existing technical …

As workplaces around the world embrace hybrid work, Zero Trust provides the guiding strategy that keeps companies secure. However, no two organizations are alike. The Zero Trust journey will look unique for every organization that implements it. This means we must work together to create solutions that support the varied workplaces that exist today. At Microsoft, our mission is to create an amazing Zero Trust platform that protects our customers no matter what solutions they use. We realize that our customers use products that work well for them, and so we strive to meet them where they are. Our solutions are from Microsoft, but not just for Microsoft. To this end, …

As part of Cybersecurity Awareness Month, we published a special blog post earlier this week featuring real-world experiences shared by cybersecurity professionals: people with diverse backgrounds in law, academia, software development, and other seemingly unrelated fields. This topic is near and dear to my heart because I truly believe that diversity—people with diverse skills, backgrounds, cultures, and life experiences—is the key element for making the next generation of cybersecurity professionals even more effective. Today’s world is connected in ways we could only imagine 20 years ago. Digital transformation means the workplace, classrooms, retail outlets, and mo…

A phishing kit built using pieces of code copied from other kits, some available for sale through publicly accessible scam sellers or are reused and repackaged by other kit resellers, provides rich insight into the state of the economy that drives phishing and email threats today. We uncovered this phishing kit while examining an extensive series of credential phishing campaigns that all sent credentials to a set of endpoints operated by the attackers. We named the kit “TodayZoo” because of its curious use of these words in its credential harvesting component in earlier campaigns, likely a reference to phishing pages that spoofed a popular video conferencing applicatio…

Today, following the 25th year anniversary of Microsoft Sysinternals, we are announcing the general availability of a new Microsoft Sysmon report in VirusTotal. Whether you’re an IT professional or a developer, you’re probably already using Microsoft Sysinternals utilities to help you manage, troubleshoot, and diagnose your Windows systems and applications. The powerful logging capabilities of Sysinternals utilities became indispensable for defenders as well, enabling security analytics and advanced detections. The System Monitor (Sysmon) utility, which records detailed information on the system’s activities in the Windows event log, is often used by security products …

Send Microsoft Edge promotional emails through a new feature in the Setup page of the Microsoft 365 admin center, titled “Get fast, secure browsing with Microsoft Edge”. This is expected to be released towards the end of October 2021 and will provide admins with the opportunity to encourage the use of Microsoft Edge in their organization by sending an email to their users. Admins will be provided with three options they can choose to include in the email they send to their users. A download link for Microsoft Edge Instructions on how to sign in and sync passwords, favorites, and settings Instructions on how to turn on security and performance features in Micr…

We are excited to share that Microsoft has been named a Leader in The Forrester New Wave: Extended Detection and Response (XDR), Q4, 2021,1 receiving one of the highest scores in the strategy category. Microsoft 365 Defender was rated as “differentiated” in seven criteria including detection, investigation, and response, and remediation. Forrester notes that “there is a deep divide in the XDR market between those far along the path and those just starting to deliver on the vision of XDR,” and that of mature providers “combine the best elements of their portfolios, including industry-leading products, to simplify incident response and build targeted, high-efficacy detec…

Are you currently studying information security? Or are you considering transitioning to a career in cybersecurity? According to the US Bureau of Labor Statistics, cybersecurity jobs will grow 31 percent from 2019 to 2029—more than six times the national average job growth.1 Cybersecurity skills are clearly in high demand. But more than that, cybersecurity is a rewarding career attracting many bright, passionate practitioners and leaders who are invested in making the world a better, more secure place. As part of Cybersecurity Awareness Month and this week’s theme on cybersecurity careers, we are focusing this blog on top experts in the industry who will share insights…

Microsoft is excited to announce new Azure Bounty Program awards up to $60,000 to encourage and reward vulnerability research focused on the highest potential impact to customer security. These increased awards are a part of our ongoing investment in partnership with the security research community, and an important part of Microsoft’s holistic approach to defending … New High Impact Scenarios and Awards for the Azure Bounty Program Read More » Continue reading...

Microsoft Teams has seen a surge in growth during the pandemic with over 115 million daily active users and growing.1 With it, customer imperative for enabling safe and trustworthy online collaboration has also increased significantly. The speed and simplicity of Teams business users creating new teams and channels demands that IT and security groups have advanced tools and controls they might need to ensure business-critical information is properly protected. archTIS’ NC Protect has integrated with Microsoft Information Protection (MIP) to empower IT and business owners to easily create secure teams and channels and enable guest access, enforcing Zero Trust policies a…

Congratulations to all the researchers recognized in this quarter’s MSRC Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2021 Q3 Security Researcher Leaderboard are: BugHunter010 (840 points), Callum Carney (828 points), and Nir Ohfeld (525 points)! Each quarterly leaderboard … Congratulations to the Top MSRC 2021 Q3 Security Researchers! Read More » Continue reading...