Microsoft

(get it in RSS or Atom)

SSCC 198 - "Fusking"? Did I hear that correctly? [PODCAST]

A week of many patches, Lenovo in the news again, an anti-forensic tool with a misleading name, and the rudely-named "sport" of Fusking.

Listen to our latest straight-talking security podcast...

If the "Deep Web" becomes searchable, is it still deep? 60 Sec Security [VIDEO]

Watch the latest episode of our only-takes-a-minute security roundup video!

This week: From old crypto bugs to the latest Windows security holes...

SSCC 194 - Patch early? Patch often? This time, "Patch NOW!" [PODCAST]

Join Sophos experts Chester Wisniewski and Paul Ducklin for the latest episode of our weekly security podcast.

From the very latest Update Tuesday to how we get rid of 10-year-old security holes, here's the security news you can use.

Update Tuesday, April 2015 - Urgent action needed over Microsoft HTTP bug

We don't usually focus on one vulnerability and say, "Do that first." But this month, we're willing to make an exception.

The Microsoft HTTP stack has a bug that could let attackers straight in with a simple HTTP request...

"Probably tired and shagged out after a long squawk" - 60 Sec Security [VIDEO]

Our weekly witty-but-serious video - news you can use, and it only takes a minute.

Enjoy...

SSCC 189 - Hey, is that your CPU on fire? [PODCAST]

Join Sophos experts Chester Wisniewski and Paul Ducklin for our weekly security podcast.

Sharp, witty and educational, as usual (if we do say so ourselves)...enjoy!

Update Tuesday wrap-up, March 2015 - FREAK fixed fast, and lots more from Microsoft

Adobe published no bulletins for March 2015, so this one is all about Microsoft...

Windows 10 will work with FIDO specs for password-free access, says Microsoft

Windows 10 logo

Microsoft has announced that its forthcoming revamp of Windows will be compliant with FIDO's current specifications for advanced authentication. Or has it?

Microsoft pulls PowerPoint-killing patch KB2920732

Safety pins. Image courtesy of Shutterstock.

The latest in a series of Microsoft patch failures rendered PowerPoint inoperable on devices running Windows RT.

The "JASBUG" Windows vulnerability - beyond the hype, what you need to know

jasbug-500

Struggling to understand the JASBUG flaw fixed by Microsoft in this month's Update Tuesday?

Paul Ducklin explains it clearly, with minimal jargon.

Update Tuesday wrap-up, February 2015 - don't let JASBUG distract you

Be careful!

The JASBUG vulnerability in Windows is grabbing the headlines, but there are other bugs this month that could hit you harder.

Paul Ducklin explains...

Google, Amazon, Microsoft pay to get ads past Adblock Plus

Google, Amazon, Microsoft pay to get ads past Adblock Plus

Ad-buying big boys Google, Amazon, Microsoft and the content marketing platform Taboola have quietly ponied up the money to keep their ads from being blocked on Adblock Plus, the world's most popular software for blocking online advertising.

SSCC 181 - The Security Duel: "Bug reports at 15 paces" [PODCAST]

Microsoft vs. Google - Google vs. Users - Hackers vs. US Army - the fight is on in the latest episode of our weekly security podcast!

Enjoy...

Update Tuesday wrap-up, January 2015 - See? We didn't use the word "Patch"!

Like fingers and thumbs, not all updates are patches, even if all patches are updates.

So, here's the skinny on Update Tuesday...including the security patches, of course.

Microsoft swings punch at Google - accuses Project Zero of a "Gotcha!"

Two days! Two measly days!

Google is back in the firing line, this time directly from Microsoft, over its "Project Zero" full-disclosure process...

"Dear Facebook, I DEMAND that you ignore my demands" - 60 Sec Security [VIDEO]

Our weekly security news video, for your viewing pleasure.

Fun with a serious side, in just one minute...watch now!

Microsoft discontinues Advance Notification Service, but why?

Microsoft. Image from Shutterstock

Microsoft kicked off 2015 by discontinuing its Advance Notification Service which alerted IT professionals to fixes that would ship the following week, allowing time to prepare staff and systems.

SSCC 180 - Surely zero-days come from cybercrooks, not from Silicon Valley? [PODCAST]

Enjoy the first 2015 episode of our popular weekly security podcast.

In this episode: zero-day politics, leaky security features, Bitcoin news, and a shout out to our New Year #sophospuzzle winners!

Hacking group publishes Xbox One SDK, threatens to leak unreleased game builds

Xbox One. Image courtesy of 360b/Shutterstock.

Microsoft's festive woes continue after a hacking group managed to get hold of and subsequently release the November 2014 Xbox One software development kit (SDK).