Microsoft Support & Discussions

Today there are more than 1.3 billion active monthly devices on Windows 10. To keep these devices updated with feature and quality updates at such scale, we apply machine learning using diagnostic data to generate insights into how an update deployment is going. These insights help us better understand the dependencies between different components in the diverse ecosystem of Windows devices and applications, and help us maintain our focus on compatibility, one of our top priorities for updating Windows devices. Our goal is to keep all Windows devices running smoothly and without interruption. To support you as you configure and manage updates across your organization, …

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with attorney Whitney Merrill, an expert on privacy legal issues and Data Protection Officer and Privacy Counsel at Asana. The thoughts below reflect her views, not the views of her employer, and are not legal advice. In this blog, Whitney talks about building a privacy program and offers best practices for privacy training. Natalia: How do security, privacy, and regulatory compliance intersect? Whitney: Security and pr…

As a father of a child on the Autism spectrum who relies completely on digital media for his learning, I fully appreciate the impact that digital accessibility can have on people with disabilities. Designing with accessibility in mind greatly expands the impact of Microsoft solutions. What many don’t realize, however, is that the impact of accessible design is even bigger than that. When we design for accessibility, everyone benefits. For example, television video captioning was initially designed for the benefit of people who are hard-of-hearing. Today, it’s far more widely used, such as in loud places where people still want to watch TV and follow the context of the …

Today Microsoft released an Out-of-Band (OOB) security update for CVE-2021-34527, which is being discussed externally as PrintNightmare. This is a cumulative update release, so it contains all previous security fixes and should be applied immediately to fully protect your systems. The fix that we released today fully addresses the public vulnerability, and it also includes a new feature that allows customers to implement stronger protections. See: KB5005010: … Out-of-Band (OOB) Security Update available for CVE-2021-34527 Read More » Continue reading...

The pandemic of 2020 has reshaped how we engage in work, education, healthcare, and more, accelerating the widespread adoption of cloud and remote-access solutions. In today’s workplace, the security perimeter extends to the home, airports, the gym—wherever you are. To keep pace, organizations require a security solution that delivers centralized visibility and automation; one that can scale to meet their needs across a decentralized digital estate. As a cloud-native security information and event management (SIEM) solution, Microsoft Azure Sentinel is designed to fill that need, providing the scope, flexibility, and real-time analysis that today’s business demands. In…

With the announcement that the future of Internet Explorer on Windows 10 is in Microsoft Edge, you might be thinking, how do I start moving from Internet Explorer 11 (“IE11”) to Microsoft Edge? Whether you rely on IE11 exclusively or use it in tandem with another browser to specifically access older legacy websites and applications, Microsoft is committed to helping you prepare and move to its replacement: Microsoft Edge with Internet Explorer mode (IE mode). Editor’s note: Welcome to the IE to Edge blog series, an ongoing series of articles designed to help you move from Internet Explorer 11 to Microsoft Edge! Each will focus on a different relevant topic to h…

The continuous improvement of security solutions has forced attackers to explore alternative ways to compromise systems. The rising number of firmware attacks and ransomware attacks via VPN devices and other internet-facing systems are examples of attacks initiated outside and below the operating system layer. As these types of attacks become more common, users must look to secure even the single-purpose software that run their hardware—like routers. We have recently discovered vulnerabilities in NETGEAR DGN-2200v1 series routers that can compromise a network’s security—opening the gates for attackers to roam untethered through an entire organization. We discovered the…

We are operating in the most complex cybersecurity landscape that we’ve ever seen. While our current ability to detect and respond to attacks has matured incredibly quickly in recent years, bad actors haven’t been standing still. Large-scale attacks like those pursued by Nobelium1 and Hafnium, alongside ransomware attacks on critical infrastructure indicate that attackers have become increasingly sophisticated and coordinated. It is abundantly clear that the work of cybersecurity and IT departments are critical to our national and global security. Microsoft has a unique level of access to data on cyber threats and attacks globally, and we are committed to sharing this …

The Security Stack Mappings for Azure research project was published today, introducing a library of mappings that link built-in Azure security controls to the MITRE ATT&CK® techniques they mitigate against. Microsoft once again worked with the Center for Threat-Informed Defense and other Center members to publish the mappings, which pair the familiar language of the ATT&CK framework with the concrete coverage Azure provides to protect organizations’ attack surfaces. Microsoft is pleased that community interest in seeing such mappings for Azure led to its use as the pilot cloud platform for this endeavor. The project aims to fill an information gap for orga…

The cybersecurity challenges of today require a diversity of skills, perspectives, and experiences, yet women remain underrepresented in this field. On International Women’s Day, some Microsoft Security women leaders penned a powerful blog highlighting the underrepresentation of women in cybersecurity (women make up just 24 percent of the cybersecurity workforce, according to the 2019 (ISC)² report, Cybersecurity Workforce Study: Women in Cybersecurity1), and the critical need for diverse perspectives in solving 21st Century cybersecurity challenges. While recent studies2 indicate an increase in the percentage of women in cybersecurity, they remain the minority of the wor…

Over the last year, PCs have kept us connected to family, friends, and enabled businesses to continue to run. This new hybrid work paradigm has got us thinking about how we will continue to deliver the best possible quality, experience, and security for the more than 1 billion people who use Windows. While we have adapted to working from home, it’s been rare to get through a day without reading an account of a new cybersecurity threat. Phishing, ransomware, supply chain, and IoT vulnerabilities—attackers are constantly developing new approaches to wreak digital havoc. But as attacks have increased in scope and sophistication, so have we. Microsoft has a clear vision fo…

How to think about building a threat intelligence program The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Red Canary Director of Intelligence Katie Nickels, a certified instructor with the SANS Institute. In this blog, Katie shares strategies, tools, and frameworks for building an effective threat intelligence team. Natalia: Where should cyber threat intelligence (CTI) teams start? Katie: Threat intelligence is all about helping organizations make decisions…

Every day in the ever-changing technology landscape, we see boundaries shift as new ideas challenge the old status quo. This constant shift is observed in the increasingly sophisticated and connected tools, products, and services people and organizations use on a daily basis, but also in the security that needs to be built into these technologies to protect them against adversaries intent on abusing the same technologies for nefarious purposes. At Microsoft, we are committed to harnessing the immense potential of AI to help solve many of our technology concerns today. We believe that working on the “bleeding edge” offers one of the best ways to serve our customers and …

This blog post is part of the Microsoft Intelligent Security Association (MISA) guest blog series. Learn more about MISA. The way of working is changing rapidly. Many workloads are moving to the cloud and the pandemic accelerated organizations to provide infrastructure to aid employees working from anywhere (or mostly from home) at any time and, when possible, from any device (corporate or private). The security team needs to keep up with an increased workload on top of their often already stretched budget, resources, and focus. Working through many alerts from ever-changing situations is challenging: how can they prioritize? And how can they handle them with only a fi…

On February 25, 2020, Microsoft Chief Information Security Officer (CISO) Bret Arsenault was attending the RSA Conference in San Francisco when the city declared a state of emergency because of COVID-19. Shortly after flying back to Seattle, Bret learned of the first death from the coronavirus in Washington state. He and other members of Microsoft’s Risk Management Council worked on the company’s crisis response. To kick off National Cybersecurity Awareness Month, I spoke with Bret Arsenault on a recent episode of Afternoon Cyber Tea with Ann Johnson. As CISO, Bret is responsible for disaster recovery at the enterprise level. He is the chair of Microsoft’s Risk Managem…

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise (BEC) infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to get access to emails about financial transactions. In this blog, we’ll share our technical analysis and journey of unraveling this BEC operation, from the phishing campaign and compromised mailboxes to the attacker infrastructure. This threat highlights the importance of building a comprehensive defense strategy, which should include strong pre-breach solutions that can prev…

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Matthew Hickey, co-founder, CEO, and writer for Hacker House. In this blog post, Matthew talks about the benefits of a purple team and offers best practices for building a successful one. Natalia: What is a purple team, and how does it bridge red and blue teams? Matthew: The traditional roles involve a blue team that acts as your defenders and a red team that acts as your attackers. The blue team wants to protect t…

What is CRSP? Microsoft Global Compromise Recovery Security Practice. Who is CRSP? We are a worldwide team of cybersecurity experts operating in most countries, across all organizations (public and private), with deep expertise to secure an environment post-security breach and to help you prevent a breach in the first place. As a specialist team within the wider Microsoft cybersecurity functions, we predominantly focus on reactive security projects for our customers. The main types of projects we undertake are: Compromise recovery: Giving customers back control of their environment after a compromise. Rapid ransomware recovery: Restore business-critic…

Security is a constant balance between proactive and reactive defenses. They are both equally important, and neither can be neglected. Effectively protecting your organization means constantly optimizing both prevention and detection. That’s why we’re excited to announce a seamless integration between Azure Firewall and Azure Sentinel. Now, you can get both detection and prevention in the form of an easy-to-deploy Azure Firewall solution for Azure Sentinel. Combining prevention and detection allows you to ensure that you both prevent sophisticated threats when you can, while also maintaining an “assume breach mentality” to detect and quickly respond to cyberattacks.…

Today, I'm offering an overview of the product lifecycle and details on how we will service Windows 11. Last week we announced Windows 11, the future of Windows for all users. Windows 11 is built on the familiar Windows 10 foundation and will begin to be available the second half of this year. When we originally released Windows 10, we made a commitment to keep devices protected and productive through best-in-class servicing. We are pleased with the progress we have made in keeping over 1.3 billion devices updated on a global scale. Along with the end user experience and security improvements in Windows 11, we are also introducing enhancements you have suggested and as…

The Microsoft Threat Intelligence Center is tracking new activity from the NOBELIUM threat actor. Our investigation into the methods and tactics being used continues, but we have seen password spray and brute-force attacks and want to share some details to help our customers and communities protect themselves. This recent activity was mostly unsuccessful, and the majority of targets were not successfully compromised – we … New Nobelium activity Read More » Continue reading...

The security landscape continues to rapidly evolve as threat actors find new and innovative methods to gain access to environments across a wide range of vectors. As the industry moves closer to the adoption of a Zero Trust security posture with broad and layered defenses, we remain committed to sharing threat intelligence with the community … Investigating and Mitigating Malicious Drivers Read More » Continue reading...

The cybersecurity challenges of today require a diversity of skills, perspectives, and experiences, yet women remain underrepresented in this field. On International Women’s Day, some Microsoft Security women leaders penned a powerful blog highlighting the underrepresentation of women in cybersecurity (women make up just 24 percent of the cybersecurity workforce, according to the 2019 (ISC)² report, Cybersecurity Workforce Study: Women in Cybersecurity1), and the critical need for diverse perspectives in solving 21st Century cybersecurity challenges. While recent studies2 indicate an increase in the percentage of women in cybersecurity, they remain the minority of the wor…

Over the last year, PCs have kept us connected to family, friends, and enabled businesses to continue to run. This new hybrid work paradigm has got us thinking about how we will continue to deliver the best possible quality, experience, and security for the more than 1 billion people who use Windows. While we have adapted to working from home, it’s been rare to get through a day without reading an account of a new cybersecurity threat. Phishing, ransomware, supply chain, and IoT vulnerabilities—attackers are constantly developing new approaches to wreak digital havoc. But as attacks have increased in scope and sophistication, so have we. Microsoft has a clear vision fo…