Skip to Content

Microsoft 365 Outage Resolved

Microsoft says that network configuration issues were responsible for an outage on Wednesday, January 25, that affected multiple Microsoft 365 services, including Microsoft Teams, Exchange Online, Outlook, SharePoint Online, OneDrive for Business, Microsoft Graph, PowerBi, M365 Admin Portal, Microsoft Intune, Microsoft Defender for Cloud Apps, and Microsoft Defender for Identity. Microsoft said the issues were …

Read More about Microsoft 365 Outage Resolved

Microsoft Will Block Excel XLL Add-ins from the Internet

Starting in March, Microsoft will block XLL files coming from the Internet in Office Excel. In its Microsoft 365 roadmap, Microsoft writes that it is making this change “to combat the increasing number of malware attacks in recent months.” Note Nice to see Microsoft continuing its quest to block common malware delivery methods. XLL files …

Read More about Microsoft Will Block Excel XLL Add-ins from the Internet

Ermetic Researchers Find Cross-site Request Forgery Flaw in Azure Cloud Services

Researchers from Ermetic have detailed their findings of a cross-site request forgery (CSRF) vulnerability affecting Azure cloud services. The flaw, dubbed EmojiDeploy, can be exploited to achieve remote code execution. The vulnerabilities are due to a series of misconfigurations and bypasses in the Kudu back-end source control management tool. Microsoft was alerted to the issues …

Read More about Ermetic Researchers Find Cross-site Request Forgery Flaw in Azure Cloud Services

Microsoft Pro Guest SMB Insecure Guest Auth Off by Default

Microsoft Windows Insider Pro now has SMB insecure guest authorization turned off by default. In a blog post, Microsoft’s Ned Pyle notes that “guest logons don’t require passwords & don’t support standard security features like signing and encryption.” The change is effective in the Windows 11 Insider Preview Build 25276, which was released earlier this …

Read More about Microsoft Pro Guest SMB Insecure Guest Auth Off by Default

Microsoft Patch Tuesday: January 2023

On Tuesday, January 10, Microsoft released fixes for nearly 100 vulnerabilities. One of the flaws, a privilege elevation vulnerability in Windows Advanced Local Procedure Call (ALPC), is being actively exploited. The vulnerability could lead to a browser sandbox escape and be exploited to gain system privileges. Eleven of the vulnerabilities are deemed critical; the others …

Read More about Microsoft Patch Tuesday: January 2023

Solved: Why Windows server 2008 R2 showing less Total Physical Memory compared with Installed Physical Memory?

Question I recently purchased a HP ProLiant DL380p Generation8 (Gen8) to use as a home Plex server, as I was able to get a great deal. I currently have Windows Server 2008 R2 (SP1) installed and plan to upgrade it in the near future. I have observed that Windows is only recognizing 32GB of memory, …

Read More about Solved: Why Windows server 2008 R2 showing less Total Physical Memory compared with Installed Physical Memory?

Solved: How to enable Windows Firewall GPO on SQL Servers with named instances?

Question I have been assigned the responsibility of enabling Windows Firewall on our server infrastructure. I have already configured the necessary rules for remote management and other essential services. However, since we are a development house with approximately 45 SQL servers, each of which use named instances which necessitates dynamic ports for connections, additional measures …

Read More about Solved: How to enable Windows Firewall GPO on SQL Servers with named instances?

Solved: What are the steps for downloading software from Microsoft GitHub?

Question When navigating Microsoft Github for software download, I noticed that the page had a variety of files, none of which were .msi, exe, or zip formats. How can I quickly locate the installation files without taking the time to search? Answer GitHub is an open-source repository providing access to source code and select executables …

Read More about Solved: What are the steps for downloading software from Microsoft GitHub?

Windows Server 2012 Extended Support will End in October

Extended support for Windows Server 2012 and Windows Server 2012 R2 will end in early October of this year. Microsoft discontinued general support for Windows Server 2012 in October 2018; the company offered five years of extended support to allow users ample time to migrate to newer, supported versions of Windows Server. Note Keep track …

Read More about Windows Server 2012 Extended Support will End in October

Shadowserver: More than 60,000 Exchange Servers Still Vulnerable to ProxyNotShell (CVE-2022-41040 and CVE-2022-41082)

Updated on 2023-01-03: Shadowserver: More than 60,000 Exchange Servers Still Vulnerable to ProxyNotShell According to data gathered by the Shadowserver Foundation, more than 60,000 Microsoft Exchange servers remain unpatched against a known remote code execution vulnerability (CVE-2022-41082) that is exploited by ProxyNotShell. Microsoft released fixes to address that flaw and a second vulnerability that is …

Read More about Shadowserver: More than 60,000 Exchange Servers Still Vulnerable to ProxyNotShell (CVE-2022-41040 and CVE-2022-41082)

Microsoft Releases Emergency Fix for Hyper-V VM Problems

On Tuesday, December 20, Microsoft released an emergency patch to fix problems caused by updates released the previous week in December’s Patch Tuesday. Some users reported being unable to create virtual machines on Hyper-V hosts. Resolution: This issue was resolved in out-of-band (OOB) updates released December 20, 2022 for installation on all Hyper-V hosts in …

Read More about Microsoft Releases Emergency Fix for Hyper-V VM Problems

Microsoft Now Says SPNEGO Extended Negotiation Security Vulnerability (CVE-2022-37958) is Critical

Updated on 2022-12-15: CVE-2022-37958 Valentina Palmiotti, a security researcher at IBM’s X-Force Red, has released more details about CVE-2022-37958, a vulnerability in the Windows SPNEGO protocol that Microsoft patched back in September. A video demonstration of the bug is here. The tl;dr here is below. Long story short, it’s really bad! “The vulnerability is in …

Read More about Microsoft Now Says SPNEGO Extended Negotiation Security Vulnerability (CVE-2022-37958) is Critical

Microsoft Patch Tuesday

On Tuesday, December 13, Microsoft released fixes to address more than 70 security issues, including a previously disclosed privilege elevation flaw in the Windows 11 DirectX graphics component (CVE-2022-44710) and a Windows SmartScreen security feature bypass vulnerability (CVE-2022-44698) that is being actively exploited. The bypass vulnerability has been exploited by Magniber ransomware threat actors. Seven …

Read More about Microsoft Patch Tuesday
Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.