With Windows Server 2019, Microsoft is adding resiliency and redundancy enhancements to the Shielded Virtual Machines security controls it introduced with Windows Server 2016. Shielded VMs originally provided a way to protect virtual machine assets by isolating them from the hypervisor infrastructure and could also help prove to auditors that systems were adequately isolated and […]
In the wake of yet another ransomware attack—this time named NotPetya—I have a special message specifically for those of you working in organizations that continue to run Microsoft Windows as the operating system on either your servers or your desktops: You are doing a terrible job and should probably be fired. I know. That’s harsh. […]
Since the WannaCry ransomware ripped through the internet late last week, infecting hundreds of thousands of machines and locking up critical systems from health care to transportation, cryptographers have searched for a cure. Finding a flaw in WannaCry’s encryption scheme, after all, could decrypt all those systems without any ransom. Now one French researcher says […]
The WannaCry ransomware has wormed its way into tens of thousands of Windows PCs in China, where Windows XP runs one in five systems, local reports said Monday. More than 23,000 IP addresses in the People’s Republic of China (PRC) show signs of infection, the country’s National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT) […]
As a vicious new strain of ransomware swept the UK’s National Health Service yesterday, shutting off services at hospitals and clinics throughout the region, experts cautioned that the best protection was to download a patch Microsoft had issued in March. The only problem? A reported 90 percent of NHS systems run Windows XP, an operating […]
Users of old Windows systems can now download a patch to protect them from this week’s massive ransomware attack. In a rare step, Microsoft published a patch for Windows XP, Windows Server 2003 and Windows 8 — all of them operating systems for which it no longer provides mainstream support. Users can download and find […]
Friday’s unprecedented ransomware attack may have stopped spreading to new machines — at least briefly — thanks to a “kill switch” that a security researcher has activated. The ransomware, called Wana Decryptor or WannaCry, has been found infecting machines across the globe. It works by exploiting a Windows vulnerability that the U.S. National Security Agency […]
A Microsoft manager this week offered IT administrators a way to replicate — in a fashion — the security bulletins the company discarded last month. “If you want a report summarizing today’s #MSRC security bulletins, here’s a script that uses the MSRC Portal API,” John Lambert, general manager of the Microsoft Threat Intelligence Center, said […]
The Tuesday updates for Internet Explorer and Microsoft Edge force those browsers to flag SSL/TLS certificates signed with the aging SHA-1 hashing function as insecure. The move follows similar actions by Google Chrome and Mozilla Firefox earlier this year. Browser vendors and certificate authorities have been engaged in a coordinated effort to phase out the […]
It’s been a few years since Microsoft’s then-CEO Steve Ballmer danced across the stage screaming “DEVELOPERS DEVELOPERS DEVELOPERS,” but those are still the three words you’d use to explain this week’s Build conference. Like Google’s I/O or Apple’s WWDC, the annual event is partly a state of the union, partly a product unveiling, but mostly […]