Skip to Content

2FA-bypass phishing campaign

Updated on 2022-11-23 A crypto-stealing phishing campaign is abusing Microsoft Azure Web Apps service to evade MFA and steal cryptocurrencies from Coinbase, KuCoin, Metamask, and Crypto.com accounts. Read more: Attackers bypass Coinbase and MetaMask 2FA via TeamViewer, fake support chat Overview: 2FA-bypass phishing campaign PIXM researchers said they are tracking a sophisticated phishing campaign that …

Read More about 2FA-bypass phishing campaign

MC467606: Now generally available: Windows Update for Business reports

Windows Update for Business reports is now generally available. This evolution of Update Compliance combines organizational and device-level reporting with actionable data and insights. The blog post provides guidance on how to enroll in or transition to Windows Update for Business reports from Update Compliance by January 15, 2023. Take an inside look at revamped …

Read More about MC467606: Now generally available: Windows Update for Business reports

MC466201: Azure Active Directory (AAD) and Microsoft (MSA) accounts can be linked to earn Microsoft Rewards points

Updated December 27, 2022: We are providing additional guidance for your information: After December 10, admins can turn off account linking using PowerShell script (outlined below). After January 17, the toggle to enable or disable the feature will be available in Microsoft 365 Admin portal Settings page. Until then, please use the PowerShell script. Microsoft …

Read More about MC466201: Azure Active Directory (AAD) and Microsoft (MSA) accounts can be linked to earn Microsoft Rewards points

Microsoft Fixes Vulnerability in Jupyter Notebooks for Azure Cosmos DB

Updated on 2022-11-02: Microsoft Fixes Vulnerability in Jupyter Notebooks for Azure Cosmos DB Microsoft has fixed an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB. Microsoft says that the missing authentication checks issue was introduced in August. Researchers from Orca reported the flaw to Microsoft in early October; Microsoft fixed the issue two …

Read More about Microsoft Fixes Vulnerability in Jupyter Notebooks for Azure Cosmos DB

MC454810: Basic Authentication retirement in Microsoft 365 Apps

Updated November 16, 2022: We have updated this message with additional information for clarity. Thank you for your patience. Microsoft 365 Apps are disabling server sign-in prompts using Basic authentication in Office Apps. We are making this change because basic authentication is a legacy authentication method that sends a username and password with each request. …

Read More about MC454810: Basic Authentication retirement in Microsoft 365 Apps

MC451954: Reminder: Important changes coming January 2023 for the Windows Diagnostic data processor configuration

As previously announced, we are introducing a significant change for enterprise Windows devices that have diagnostic data turned on. Currently, to enroll devices in the Window diagnostic data processor configuration option, IT admins can use policies, such as “Allow commercial data pipeline,” at the individual device level.

Read More about MC451954: Reminder: Important changes coming January 2023 for the Windows Diagnostic data processor configuration

MC447991: Announcing Windows Update for Business reports

Update Compliance is being rebranded to Windows Update for Business reports, which was previously announced as Azure Workbooks for Update Compliance. With the general availability coming up in early November, current Update Compliance users are reminded of new eligibility requirements and the steps necessary to get ready for the upcoming improvements. Specifically, CommercialID is being …

Read More about MC447991: Announcing Windows Update for Business reports

FabriXss (CVE-2022-35829) Azure Service Fabric Explorer Spoofing Vulnerability

Updated on 2022-10-20: Azure Service Fabric Explorer Spoofing Vulnerability A spoofing vulnerability affecting Azure Fabric Explorer versions 8.1.316 and earlier could be exploited to gain full admin privileges. The flaw was detected by researchers from Orca Security and was addressed earlier this month as part of Microsoft’s Patch Tuesday release. Note You applied the October …

Read More about FabriXss (CVE-2022-35829) Azure Service Fabric Explorer Spoofing Vulnerability

MC447310: Important Azure Information Protection (AIP) Portal updates

We are moving the admin configuration of the Azure Information Protection (AIP) Scanner from the Azure portal to the Microsoft Purview compliance portal, and with the migration will be deprecating the Azure Information Protection (AIP) portal on 1/15/2023. This message is associated with Microsoft 365 Roadmap ID 100505. The AIP Scanner admin configuration is currently …

Read More about MC447310: Important Azure Information Protection (AIP) Portal updates

MC446137: Configuration Change: Azure Information Protection Add-in will be disabled by default for Office apps

Updated November 15, 2022: We have determined that this message did not reach the appropriate audience. Please disregard this message. Thank you for your patience. We’re making some changes to how Microsoft 365 Apps choose between the built-in client for sensitivity labels and the legacy Azure Information Protection (AIP) Add-in.

Read More about MC446137: Configuration Change: Azure Information Protection Add-in will be disabled by default for Office apps
Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.