Endpoint Security: Microsoft’s Take on Kernel Access and Safe Deployment Following CrowdStrike Incident. SecurityWeek talked to David Weston, VP enterprise and OS security at Microsoft, to discuss Windows kernel access and safe deployment practices. Kevin Townsend, October 10, 2024
Malware & Threats: Microsoft Confirms Exploited Zero-Day in Windows Management Console. Patch Tuesday: Redmond warns that attackers are rigging Microsoft Saved Console (MSC) files to execute remote code on targeted Windows systems. Ryan Naraine, October 8, 2024
Cyberwarfare: Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group. The coordinated action resulted in the seizure of more than 100 domains used for spear-phishing targets in the US, UK, and Europe. Ryan Naraine, October 3, 2024
Artificial Intelligence: Microsoft Unveils Copilot Vision AI Tool, but Highlights Security After Recall Debacle. Microsoft has unveiled a new AI-based web content analysis tool, underscoring safety and security to address potential concerns. Eduard Kovacs, October 1, 2024
Artificial Intelligence: Controversial Windows Recall AI Search Tool Returns With Proof-of-Presence Encryption, Data Isolation. Microsoft reboots controversial Windows Recall with proof-of-presence encryption, anti-tampering checks, and secure enclave data management. Ryan Naraine, September 27, 2024
Incident Response: CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes. CrowdStrike says it has revamped several testing, validation, and update rollout processes to prevent a repeat of the July BSOD incident. Ryan Naraine, September 24, 2024
Management & Strategy: Microsoft Names Deputy CISOs, Governance Council to Manage Security Push. Microsoft says each Deputy CISO will oversee specific domains, ranging from gaming and cloud security to AI and government systems. Ryan Naraine, September 24, 2024
Endpoint Security: Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel. Microsoft is revamping how anti-malware tools interact with the Windows kernel to avoid another CrowdStrike faulty update catastrophe. Ryan Naraine, September 13, 2024
Data Protection: Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library. Microsoft has started introducing support for post-quantum algorithms in SymCrypt, its main cryptographic library. Ionut Arghire, September 11, 2024
Vulnerabilities: Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes. Patch Tuesday: Microsoft raises an alarm for in-the-wild exploitation of a critical flaw in Windows Update. Ryan Naraine, September 10, 2024
Security Architecture: Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation. Microsoft is experimenting with a major new security mitigation to block attacks targeting flaws in the Windows Common Log File System (CLFS). Ryan Naraine, September 4, 2024
Vulnerabilities: Microsoft Says North Korean Cryptocurrency Thieves Behind Chrome Zero-Day. Redmond's threat intel team said exploitation of CVE-2024-7971 can be attributed to a North Korean APT targeting the cryptocurrency sector for financial gain. Ryan Naraine, August 30, 2024