Microsoft Support & Discussions

Adobe's Flash Player update has been late this time around, but it's here now, and users have a good reason to upgrade since one of the 18 security holes plugged during this month's release is an issue used in real-world malware attacks. In its security newsletter, the company admits that it's aware that "an exploit exists for CVE-2016-1010," which Kaspersky Labs discovered being used in the wild. CVE-2016-1010, CVE-2016-0963 and CVE-2016-0993 are security vulnerabilities that allow attackers to launch malicious code on the target's computer by exploiting an integer overflow in how some internal Flash functions operate. Flash team has been quite busy this month …

Cyber security will be a main focus at the Microsoft Envision conference, reflecting the topic’s importance to every executive or business leader who sets strategy for a company, business unit or government agency. More than a dozen sessions will address cyber security at Envision, which begins April 4 in New Orleans, including topics such as what questions to ask a security team, managing security, surveillance and keeping highly regulated industries safe. Microsoft Envision will focus on business leaders, specifically decision makers in operations, finance, sales, marketing and IT who are ready to be leaders not only in their organization but in their industry. It…

The world around us, every business and nearly every industry, is being transformed by technology. This disruption is driven, in part, by the intersection of three trends: a massive explosion of data, intelligence from machine learning and advanced analytics, and the economics and agility of cloud computing. While databases power nearly every aspect of business today, they were not originally designed with this disruption in mind. Traditional databases were about recording and retrieving transactions such as orders and payments very reliably, very securely and efficiently. They were designed to enable reliable, secure, mission-critical transactional applications at sma…

Today, we are releasing Windows 10 Mobile Insider Preview Build 14283 to Windows Insiders in the Fast ring. As a reminder, we are initially making new mobile builds from our Development Branch available only to devices that shipped with Windows 10 Mobile. Currently this includes the Lumia 950, 950 XL, 650, 550, Xiaomi Mi4, and ALCATEL ONETOUCH Fierce XL. We plan to expand to other devices once we start releasing Windows 10 Mobile to other devices. If you are a Windows Insider on a device not mentioned above, you can stay in the Fast ring and sit tight until we expand to other devices or go back to Build 10586 and switch to the Release Preview ring to continue helping u…

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates can be found in the Security TechNet Library. MSRC Team Continue reading...

Severity Rating: Critical Revision Note: V1.0 (March 10, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10. Continue reading...

From tip-off to the final buzzer, NCAA March Madness Live for Windows 10 is ready with all the action of the NCAA Division I Men’s Basketball Championship – and it’s free to download beginning today in the Windows Store. The all new universal Windows app is part of our broader partnership with the NCAA to bring the action of March Madness to Windows fans. NCAA March Madness Live for Windows 10 is ready to deliver every tip-off, layup, 3-pointer and slam-dunk of this year’s NCAA Tournament. Download the app for access to live-stream video of all 67 tournament games (there’s a temporary preview period; after that, login is required to view live game streaming). …

This post was authored by Erin Chapple, Director of Program Management for Windows Server. 2016 is a big year for the Microsoft datacenter product portfolio. We have new versions of Windows Server and SQL Server coming out, both available in Technical Preview now. The Windows Server and SQL Server partnership is a strong one that spans decades. From the early days in 1993 with Windows NT and SQL Server 4.21 to today, where Microsoft is recognized by Gartner in the OLTP Magic Quadrant as surpassing Oracle and IBM1. The combination of Windows Server and SQL Server is also the most frequently deployed commercial database platform. Today I’d like to showcase some of th…

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates can be found in the Security TechNet Library. MSRC Team

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team Continue reading...

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team Continue reading...

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team Continue reading...

Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team Continue reading...

Today, I have another exciting expansion of the Microsoft Bounty Programs to announce. Please visit https://aka.ms/bugbounty to find out more. I’ll be discussing this new bounty in my talk at SyScan360 on October 21, 2015. We are delighted to offer a bounty for the .NET Core and ASP.NET Beta which Microsoft released earlier this month. .NET and ASP.NET represent critical building blocks in the Visual Studio Development Suite. This bounty is particularly interesting because the libraries and functions included in .NET enable developers to write their own programs with great security and stability, increasingly on many Operating Systems. This will extend to all supported…

Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team Continue reading...

Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team Continue reading...

On Tuesday, August 18, 2015, Microsoft released a security update solution to address a vulnerability. The update is for all supported versions of Internet Explorer. We recommend customers to apply this update as soon as possible by following the directions on the TechNet.com/Security website, in Security Bulletin MS15-093. More information about this bulletin can be found at Microsoft’s Bulletin Summary page. MSRC Team Continue reading...

Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team Continue reading...

I am very pleased to be releasing additional expansions of the Microsoft Bounty Programs. Please stop by the Microsoft Networking Lounge at Black Hat, August 5-6, to learn more about these programs; or, visit https://aka.ms/BugBounty. We are raising the Bounty for Defense maximum from $50,000 USD to $100,000 USD. I am also very excited to announce that we are launching a bonus period for Authentication vulnerabilities in the Online Services Bug Bounty. We will be running an onsite contest at Black Hat in Las Vegas, August 5-6, related to this effort. Lastly, we are adding RemoteApp to the list of domains covered in the Online Services Bug Bounty. The changes to the Bou…

Severity Rating: Critical Revision Note: V1.0 (March 8, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Internet Explorer. The more severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with …

Severity Rating: Critical Revision Note: V1.0 (March 8, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Edge. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Continue reading...

Severity Rating: Important Revision Note: V1.0 (March 8, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker is able to log on to a target system and run a specially crafted application. Continue reading...

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team Continue reading...