Archive | Microsoft RSS for this section

Security: Office 365 Phishing email

The past two mornings have had businesses in the Albany area who use Microsoft’s Office 365 receive a Phishing email claiming that users passwords have had a password change request and please follow the link included  in order to cancel the request.

The sender will be listed as “Office” or “Office 365” and the Subject line will read “Password Reset Alert”

This email should be deleted immediately.

 

WCry Ransomware Using NSA Exploit Leaked by Shadow Brokers running wild

Today security experts are warning of the continued spread of WCry and of numerous variants being released over the weekend.

Typical of Any Ransomware users should be vigilant with any emails that could be carrying a payload or be links to a payload. At this point Microsoft has not ruled out any attack vectors:

We haven’t found evidence of the exact initial entry vector used by this threat, but there are two scenarios we believe are highly possible for this ransomware family:

  • Arrival through social engineering emails designed to trick users to run the malware and activate the worm-spreading functionality with the SMB exploit
  • Infection through SMB exploit when an unpatched computer can be addressed in other infected machines

Microsoft has released a patch for Operating systems going as far back as XP:

Windows update MS17-010

 

 

Security Update for Microsoft Malware Protection Engine

Microsoft has released an update to the Microsoft Malware Protection Engine addressing a security vulnerability. The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system.

Users should run their Microsoft updates ASAP and apply the patch if using one of the Microsoft Provided Malware products such as the Windows Defender line.

Windows Vista: End of Support

Mainstream support for Vista ended in April 2012, Extended support is ending April 11, 2017 which means no further security updates or paid support. With no updates the use of Windows Vista is not advices and we recommend all personal and business computers be updated to Windows 7 or Windows 10.

Source: Microsoft

 

Windows 10 Anniversary Update: Ransomware

Microsoft has improved its ransomware protections in the Windows 10  Anniversary Update in the face of increased infection rates and a doubling in the number ransomware variants released in 2016. The information is available Here.

Microsoft Releases Security Bulletins, Five Rated Critical

Five of them are rated as Critical as they allow remote code execution on the affected computer.

Remote Code Execution vulnerabilities are ones that allow an attacker to remotely execute commands on a computer.

All Windows users should immediately run Windows update and install all of the available updates as soon as possible.

Microsoft releases 11 Security Updates

Included in this update are 11 security updates with 6 of them being labeled as critical allowing remote code execution. Remote code execution allows attackers to execute commands on the vulnerable system without the owner’s knowledge.

All users should immediately run Windows update and install all of the available updates as soon as possible.