Tag Archive for: Microsoft’s

Microsoft’s role in government email hack under cyber-inquiry scrutiny


In a recent development that rattled the cyber world, Microsoft found itself in the crosshairs of a U.S. cyber inquiry after a breach of government officials’ email accounts. The planned investigation by a cybersecurity advisory panel will include an examination of the software giant’s role in the hack, which is suspected to have been carried out by Chinese hackers.

The Cyber Safety Review Board, under the Biden administration, is set to focus broadly on risks to cloud computing infrastructure, Bloomberg reported.

According to a Department of Homeland Security official, as quoted by Bloomberg, the board will delve into identity and authentication management, looking into all relevant cloud service providers.

The cyber breach gave rise to vocal criticism from lawmakers like Senator Ron Wyden, who wrote to Attorney General Merrick Garland, Federal Trade Commission Chair Lina Khan, and Director of the Cybersecurity and Infrastructure Security Agency Jen Easterly.

In his letter, Senator Wyden firmly suggested that Microsoft’s cybersecurity procedures were sloppy and required a thorough investigation.

The public scrutiny surrounding Microsoft’s cybersecurity practices isn’t new. Recently, the company faced increasing criticism from computer security experts and government agencies who questioned the adequacy of its customer protection measures against breaches.

The email hack resonated powerfully because it occurred shortly before Secretary of State Antony Blinken’s planned trip to meet President Xi Jinping of China. Additionally, the hack utilized a Microsoft consumer signing key, which enabled the hackers to penetrate the networks and obtain entry to the officials’ emails.

In response, Microsoft committed to making 31 critical security logs accessible to licensees of the company’s lower-cost cloud services from September onwards to tighten their cybersecurity measures. The company also plans to extend the retention period for security logs from 90 to 180 days.

This tale underpins the need for relentless vigilance and rigorous security protocols in our increasingly connected world. It serves as a stern reminder of how even the giants of the tech world can stumble when it comes to…


Microsoft’s Patch Tuesday for April 2023 closes 97 security bugs, 1 zero-day flaw


Recap: Every second Tuesday of the month, Microsoft rolls out its latest collection of security fixes. The unofficial ‘Patch Tuesday’ name has been used by Microsoft for the last 20 years to describe the company’s release of security fixes for Windows and other products.

For April 2023, the company’s update focuses on closing multiple vulnerabilities as well as a nasty zero-day flaw.

According to Microsoft’s official security bulletin, patches released in April 2023 provide updates for many Windows components including the Kernel, Win32K API, .NET Core, the Azure cloud platform, Microsoft Office applications, Visual Studio, and Windows Active Directory. All things considered, the latest Patch Tuesday fixes 97 security flaws.

Seven vulnerabilities are classified with a “critical” risk level, as they could be abused to remotely execute potentially malicious code. The Patch Tuesday flaws are classified as follows: 20 elevation of privilege vulnerabilities, eight security feature bypass vulnerabilities, 45 remote code execution vulnerabilities, 10 information disclosure vulnerabilities, nine denial of service vulnerabilities, and six spoofing vulnerabilities.

The list doesn’t include 17 security flaws in Microsoft Edge that were fixed a week ago. A complete report on all the flaws and related advisories has been published by Bleeping Computer. Besides security fixes, on Patch Tuesday Microsoft also rolled out cumulative, non-security updates for Windows 11 (KB5025239) and Windows 10 (KB5025221, KB5025229).

The single zero-day vulnerability is tracked as CVE-2023-28252, or ‘Windows Common Log File System Driver Elevation of Privilege Vulnerability.’ An attacker who successfully exploits this vulnerability could gain system privileges, Microsoft explains, meaning that they could achieve the highest access level available on a Windows OS.

According to security researchers, cyber-criminals are already trying to exploit the CVE-2023-28252 bug to spread the Nokoyawa ransomware to organizations belonging to wholesale, energy, manufacturing, and healthcare industries. The flaw is similar to another privilege escalation bug supposedly fixed by Microsoft in…


Microsoft’s Patch Tuesday update fixes 3 zero-day flaws


Keeping your operating system updated is a great way to fend off cybercriminals. Many Windows updates contain patches that fix vulnerabilities that hackers can exploit. The latest Windows update is no different, as it fixes three dangerous zero-day flaws.

Read on for details on the most recent Microsoft update and how to get it.

Here’s the backstory

Microsoft just rolled out a Windows update for February’s Patch Tuesday, and it’s a big one.

The security update fixes three zero-day exploits and another 74 flaws. A zero-day exploit is a vulnerability that hackers know about and actively use. Nine of the flaws are rated as critical.

According to Nucleus Security, one significant issue is CVE-2023-23529, a WebKit Remote Code Execution flaw.

“An attacker would need to convince a user to visit a malicious application from a vulnerable device to exploit the vulnerability, which appears to have the potential to lead to local code execution,” Nucleus explains in a blog post.

In total, the critical Windows update fixes:

  • 12 Elevation of Privilege flaws.
  • Two Security Feature Bypass flaws.
  • 38 Remote Code Execution flaws.
  • Eight Information Disclosure flaws.
  • 10 Denial of Service flaws.
  • Eight Spoofing flaws.

How to update Windows 10 and Windows 11

You must frequently check your operating system to see if there are any updates available. The best way to ensure you remain protected is to set Windows to download updates automatically.

If you don’t use that setting, here’s how to manually update Windows 10:

  • Click the Start button > Settings > Update & Security > Windows Update
  • Then select Check for updates. If an update is available, select Download and install now.

Even though this update is specifically for Windows 10, you might have missed a few patches on your Windows 11 computer. 

Here’s how to update Windows 11:

  • Go to Start > Settings > Windows Update > Check for updates.
  • If an update is available, select Download and install now.

Remember that some updates require a restart, so save any work or open…


Inside Microsoft’s security threat landscape (and how you can protect your company)



Throughout the past few years, Microsoft has faced a slew of negative news over a series of vulnerabilities and hacks. So, it’s no wonder that vulnerabilities in Microsoft products are an attractive attack vector. According to a report from the Cybersecurity and Infrastructure Security Agency (CISA), Microsoft systems have had 238 cybersecurity deficiencies reported since the beginning of 2022, which is 30% of all vulnerabilities discovered so far this year.

In 2021, major agencies like the National Security Agency (NSA), FBI, CISA and CIA detailed the 15 most common vulnerabilities and exposures (CVEs) exploited by hackers. Of those, 60% (nine) were due to deficiencies in systems designed, operated and owned by Microsoft, including seven CVEs within Microsoft’s Exchange Server.

This is even more alarming when you consider that Microsoft holds a dominant share (85%) of U.S. government workplace procurement and IT systems, essentially putting the entire government at risk of a hack. 

Microsoft made headlines again in late 2021, when it warned customers that the Azure cloud platform had configuration errors in a component which, enabled by default, had exposed data for the past two years. As a result, thousands of customers that rely on Azure Cosmos DB, including household names like Exxon and Coca-Cola, were exposed to the possibility that an attacker could read, write or delete data without authorization.

Threat actors exploited multiple yet-to-be-disclosed Microsoft flaws and zero-day bugs, allowing attacks to be executed remotely, according to claims made by security researchers at Vietnamese cybersecurity outfit GTSC, who first spotted and reported…
