Microsoft Support & Discussions

Severity Rating: Important Revision Note: V1.0 (March 14, 2017): Click here to enter text. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker with access to the local system executes a malicious application. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Continue reading...

Severity Rating: Critical Revision Note: V1.0 (March 14, 2017): Bulletin published. Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts w…

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Security bulletins were also published this month to give customers extra time to ensure they are ready to transition their processes.

The phones came with malware, ransomware, adware installed Somewhere in the supply chain of some Android phones that reached two companies, there was a weak link which allowed 38 devices to become infected with malware. According to Check Point Software Technologies, several malware types were found on 38 Android devices that landed on the doorstep of two unidentified companies. The malicious apps weren't part of the official ROM firmware supplied by phone manufacturers but were added later, somewhere along the supply chain. Researchers say that in six of the cases, malware was present installed to the ROM using system privileges. All these devices had to g…

The app was spotted on a third party app store A version of Facebook Lite circulating on third-party app stores is infected with Spy FakePlay Trojan. Instead of coming from Facebook, the app was actually developed by some people in China. According to researchers from Malwarebytes Labs, this version of the popular mobile app Facebook Lite, which is a more compact version of the original app, using less data, was found infected with Android/Trojan.Spy.FakePlay. The app works just as it is supposed to, but there's that extra malicious activity working in the background that kind of hampers the mood. The fake app uses a malicious receiver (com.google.update…

Both earn their money in the advertising trade but they each have very different means of operation and targets. Adware and ad fraud are in basically the same business, and neither care very much how they make money as long as it keeps pouring in. But there are some major differences. To understand these differences let’s take a look at the separate entities. Adware Adware is any software application that shows advertisements while one of the components of the adware is running. The word is a contraction of advertising and software, and often just regarded as “advertising-supported freeware.” With adware, consumers accept the well-known trade off of not …

Someone leaked the decryption keys for the program online Computer users who have been affected by the Dharma ransomware and have held onto their encrypted files can now restore them for free. Researchers have created decryption tools for this ransomware strain after someone recently leaked the decryption keys. Dharma first appeared in November and is based on an older ransomware program known as Crysis. It's easy to recognize files affected by it because they will have the extension: .[email_address].dharma, where the email address is the one used by the attacker as a point of contact. On Wednesday, a user named gektar published a link to a Pastebin post…

This post was authored by the Windows Server Team. Today we are announcing the general availability of Windows Server Premium Assurance with which you can add the flexibility to keep systems running without disruption as you modernize. When you purchase Premium Assurance, you receive “critical” and “important” security updates and bulletins for six additional years after the end of Extended Support. This means you can get up to 16 years of total support beginning from Windows Server 2008 and 2008 R2 versions. The best time to purchase is now. You can get the lowest price and lock in savings if you purchase Premium Assurance through June 2017. Prices will increase ov…

Microsoft strives to protect our customers and we’re constantly improving our security posture to meet their needs. We realize the desire of researchers and customers to security test our services to ensure they can trust us and our solutions. We also believe that if a researcher informs us of a security flaw in our Office 365 services, they should be awarded for protecting us. These discoveries along with our internal security testing efforts contribute to keeping our users safe. Keeping in line with our philosophy of protecting users and awarding researchers, we are pleased to announce an update to our Online Services bounty program. We will be giving out double rewa…

Microsoft strives to protect our customers and we’re constantly improving our security posture to meet their needs. We realize the desire of researchers and customers to security test our services to ensure they can trust us and our solutions. We also believe that if a researcher informs us of a security flaw in our Office 365 services, they should be awarded for protecting us.

Today, a group of eight researchers from across the security industry released a research report on SHA-1 that demonstrates for the first time, a “hash collision” for the full SHA-1 hash algorithm (called “SHAttered”). This is a significant step toward understanding this type of security issue, a milestone in cryptanalysis that has been underway for the past decade. The report website also includes a tool co-authored by my colleague Dan Shumow (Senior Software Development Engineer, Security & Cryptography, Microsoft Research) that can be used to detect the presence of a collision in a file. SHA-1 is used in digital certificates (TLS) and code signing applications. …

Today, a group of eight researchers from across the security industry released a research report on SHA-1 that demonstrates for the first time, a “hash collision” for the full SHA-1 hash algorithm (called “SHAttered”). This is a significant step toward understanding this type of security issue, a milestone in cryptanalysis that has been underway for the past decade.

Today, we released an Adobe Flash Player security update to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about these updates can be found on the Security Update Guide. MSRC team Continue reading...

Severity Rating: Critical Revision Note: V1.0 (February 21, 2017): Bulletin published. Summary: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10. Continue reading...

Today, we released an Adobe Flash Player security update to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about these updates can be found on the Security Update Guide. MSRC team

TeamSpy is back and it's turning TeamViewer into the spying tool that no one wants. According to security firm Heimdal, a new spam campaign emerged over the weekend, carrying the TeamSpy malware which can give hackers full access to a compromised computer. This isn't a new type of malware whatsoever. In fact, back in 2013, it was wrecking havoc in countless computers. Back then, attackers were gathering information from victims, be them ordinary users or high profile individuals working in industries or research, or even diplomats. This time around, however, it seems that TeamViewer has not been compromised as it happened in the past, so reusing their password…

If you were one of the customers who took time to evaluate the technical previews of Windows Server last year, thank you! Your testing and feedback helped us improve and deliver a great release of Windows Server 2016 for general availability in October 2016. If you are still testing on one of these technical previews, we wanted to let you know about the great options to evaluate the generally available version of Windows Server 2016: Download a free 180-day evaluation version Try it in Azure Free Windows Server 2016 Virtual Labs on TechNet We continue to value your feedback, so please reach out to our User Voice or TechNet forums and let us know what you thi…

Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today. After considering all options, we made the decision to delay this month’s updates. We apologize for any inconvenience caused by this change to the existing plan. MSRC Continue reading...

UPDATE: 2/15/17: We will deliver updates as part of the planned March Update Tuesday, March 14, 2017. Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today.

Have you ever noticed that all Windows built-in drivers have the same value in the last update field? Have you wondered why? If you read Windows update logs, it's pretty obvious that Microsoft updates its drivers, so why isn't that date changing? Well, Microsoft has now explained why this happens, and according to Microsoft software engineer Raymond Chen, this isn't an accident or bug, but intentional behavior, meant to allow users always to use the most appropriate driver. Only Microsoft drivers show this date To understand why this happens, you need to know that your computer runs using drivers that come built-in with your Windows OS, and drivers users install …

We know every time we launch a new Windows Server version our customers get excited to try the new features. But while some folks love getting their hands dirty setting up new servers, storage, cables, etc., not everyone has a lot of time to do this. With the new virtual labs for Windows Server 2016, we made it a lot quicker and easier for you to get your hands dirty on the fun part! Today we’re announcing the availability of the new Windows Server 2016 virtual labs. These TechNet Virtual Labs provide a real-world environment along with guidance on how to try the new features. Here are the new lab scenarios you can try out: Implementing Breach Resistance Security i…

Netflix Login Generator will lock up your computer If you want to watch Netflix, get an account and stop downloading apps that promise you free access because you might end up paying a lot more than what a monthly plan is worth since one new app is laced with ransomware. According to a Kaspersky blog post, one new app called Netflix Login Generator promising free Netflix access has a malware strain attached. It’s called Netix, it encrypts users’ data and demands $100 in Bitcoins to unlock the files. So how does the app work? Well, first you download it, hoping you’d be able to use those leaked Netflix accounts to enjoy some movies for free. Once installed…

Calling all Windows Server users! Whether you’ve already upgraded to Windows Server 2016 or you’re still on Windows Server 2012 and want to try the newest version, we want to hear from you. Tell us about your experience with Windows Server 2016 and you’ll get the chance to win a Microsoft Surface Pro 4. Still on Windows Server 2012? That’s okay – we have a free virtual lab so you can give it a test drive. Then just write a review on Spiceworks, register for the sweepstakes, and you’re entered to win. For those who don’t know, Windows Server 2016 is the cloud-ready operating system built to support your current workloads and allow you to transition to the cloud. Azur…