Found 43 bookmarks
Newest
Microsoft Outlook to block more risky attachments used in attacks
Microsoft Outlook to block more risky attachments used in attacks
Microsoft announced it will expand the list of blocked attachments in Outlook Web and the new Outlook for Windows starting next month. Microsoft announced it will expand the list of blocked attachments in Outlook Web and the new Outlook for Windows starting next month. The company said on Monday in a Microsoft 365 Message Center update that Outlook will block .library-ms and .search-ms file types beginning in July. "As part of our ongoing efforts to enhance security in Outlook Web and the New Outlook for Windows, we're updating the default list of blocked file types in OwaMailboxPolicy," Microsoft said. "Starting in early July 2025, the [.library-ms and .search-ms] file types will be added to the BlockedFileTypes list."
#bleepingcomputer#EN#2025#Microsoft#New-Outlook#Outlook#Outlook-on-the-web#Windows
·bleepingcomputer.com·
Microsoft Outlook to block more risky attachments used in attacks
Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.
Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.
Researchers say the behavior amounts to a persistent backdoor. rom the department of head scratches comes this counterintuitive news: Microsoft says it has no plans to change a remote login protocol in Windows that allows people to log in to machines using passwords that have been revoked. Password changes are among the first steps people should take in the event that a password has been leaked or an account has been compromised. People expect that once they've taken this step, none of the devices that relied on the password can be accessed. The Remote Desktop Protocol—the proprietary mechanism built into Windows for allowing a remote user to log in to and control a machine as if they were directly in front of it—however, will in many cases continue trusting a password even after a user has changed it. Microsoft says the behavior is a design decision to ensure users never get locked out. Independent security researcher Daniel Wade reported the behavior earlier this month to the Microsoft Security Response Center. In the report, he provided step-by-step instructions for reproducing the behavior. He went on to warn that the design defies nearly universal expectations that once a password has been changed, it can no longer give access to any devices or accounts associated with it.
#arstechnica#EN#2025#RDP#revoked#passwords#Microsoft#Windows
·arstechnica.com·
Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.
Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server
Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server
Microsoft has officially deprecated the Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) in future versions of Windows Server, recommending admins switch to different protocols that offer increased security. #Deprecated #L2TP #Microsoft #PPTP #Server #VPN #Windows
#bleepingcomputer#EN#2024#Windows#Microsoft#PPTP#L2TP#Server#VPN#Deprecated
·bleepingcomputer.com·
Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server
Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.
Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.
I wrote a piece recently about Copilot+ Recall, a new Microsoft Windows 11 feature which — in the words of Microsoft CEO Satya Nadella- takes “screenshots” of your PC constantly, and makes it into an…
#doublepulsar#EN#Microsoft#Copilot+#PC#Windows#Recall#Stealing#disaster#KevinBeaumont
·doublepulsar.com·
Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.
Windows 10 gets three more years of security updates, if you can afford them | Ars Technica
Windows 10 gets three more years of security updates, if you can afford them | Ars Technica
Windows 10's end-of-support date is October 14, 2025. That's the day that most Windows 10 PCs will receive their last security update and the date when most people should find a way to move to Windows 11 to ensure that they stay secure. As it has done for other stubbornly popular versions of Windows, though, Microsoft is offering a reprieve for those who want or need to stay on Windows 10: three additional years of security updates, provided to those who can pay for the Extended Security Updates (ESU) program.
#arstechnica#EN#2023#win10#ESU#support#end-of-support#Extended#Security#Updates#Windows#Windows10#Microsoft
·arstechnica.com·
Windows 10 gets three more years of security updates, if you can afford them | Ars Technica