AuthorGregg Keizer

Microsoft delivers emergency patch for under-attack IE

Microsoft rarely mentions Internet Explorer (IE) anymore, but when it does, it usually means bad news.

So it was Wednesday, when Microsoft issued a rare emergency security update to plug a critical vulnerability in the still-supported IE9, IE10 and IE11. The flaw was reported to Microsoft by Google security engineer Clement Lecigne.

According to Microsoft, attackers are already exploiting the vulnerability, making it a classic "zero-day" bug. Because of that, the company released a fix before the next round of security updates scheduled for Jan. 8.

To read this article in full, please click here

Microsoft’s multi-factor authentication service flakes out – again

Just one day after Microsoft came clean with an explanation of a Nov. 19 outage that blocked users of Office 365 from logging into their accounts using Multi-Factor Authentication (MFA), today the service again went on the fritz.

"Starting at 14:25 UTC on 27 Nov 2018, customers using Multi-Factor Authentication (MFA) may experience intermittent issues signing into Azure resources, such as Azure Active Directory, when MFA is required by policy," read the Azure status dashboard. Two and a half hours later, the dashboard reported that after resolving a problem with an earlier DNS (Domain Name Service) issue, engineers rebooted the services. "They observed a decrease in the failure rate after the reboot cycles," the dashboard concluded.

To read this article in full, please click here

Firefox adds in-browser notification of breached sites

Mozilla has added a data breach notification to Firefox that warns the browser's users when their email address and credentials may have been obtained by hackers.

Dubbed Firefox Monitor, the free breach notification service debuted in September after some testing during the summer. Anyone -- not only Firefox users -- can steer to the service website, enter an email address and be told if that address was among those involved in successful, publicly-known breach attacks. Next steps were up to the user, including the obvious of changing the password(s) connected to that email address and/or website(s).

Notifications of the latest breaches were sent by Firefox Monitor to the user-submitted address. "Your email address will be scanned against those data breaches, and we'll let you know through a private email if you were involved," wrote Nick Nguyen, Mozilla's vice president of product strategy, in a Sept. 25 post to a company blog.

To read this article in full, please click here

Firefox adds in-browser notification of breached sites

Mozilla has added a data breach notification to Firefox that warns the browser's users when their email address and credentials may have been obtained by hackers.

Dubbed Firefox Monitor, the free breach notification service debuted in September after some testing during the summer. Anyone -- not only Firefox users -- can steer to the service website, enter an email address and be told if that address was among those involved in successful, publicly-known breach attacks. Next steps were up to the user, including the obvious of changing the password(s) connected to that email address and/or website(s).

Notifications of the latest breaches were sent by Firefox Monitor to the user-submitted address. "Your email address will be scanned against those data breaches, and we'll let you know through a private email if you were involved," wrote Nick Nguyen, Mozilla's vice president of product strategy, in a Sept. 25 post to a company blog.

To read this article in full, please click here

Amid calls for a Windows bug status dashboard, Microsoft belatedly agrees to build one

A Windows expert this week urged Microsoft to put its money where its mouth is and produce a status dashboard or website that reports and tracks problems with the operating system.

Coincidentally or not, on Wednesday Microsoft said it would launch a "Windows update status dashboard," but did not name a timetable except for a broad "in the coming year."

"I can go to this page and see if something happening with Office 365 is just a me thing or if everyone else is seeing the same," said Susan Bradley in a Nov. 13 email reply to questions, referring to the Office 365 Admin Center. (Note: Only those with administrative credentials have access; it's not meant to provide information to end users.) "(But) if I want to find out if something is a known issue with Windows 10, I have to dig through - and monitor for changes - these pages," she continued, listing two separate support documents for one such known issue.

To read this article in full, please click here

Amid calls for a Windows bug status dashboard, Microsoft belatedly agrees to build one

A Windows expert this week urged Microsoft to put its money where its mouth is and produce a status dashboard or website that reports and tracks problems with the operating system.

Coincidentally or not, on Wednesday Microsoft said it would launch a "Windows update status dashboard," but did not name a timetable except for a broad "in the coming year."

"I can go to this page and see if something happening with Office 365 is just a me thing or if everyone else is seeing the same," said Susan Bradley in a Nov. 13 email reply to questions, referring to the Office 365 Admin Center. (Note: Only those with administrative credentials have access; it's not meant to provide information to end users.) "(But) if I want to find out if something is a known issue with Windows 10, I have to dig through - and monitor for changes - these pages," she continued, listing two separate support documents for one such known issue.

To read this article in full, please click here

FAQ: Windows 10 LTSB explained

Windows 10 powered to its third anniversary this year, but one branch, identified by the initials L-T-S-B, remained an enigma to most corporate users.

LTSB, which stands for "Long-term Servicing Branch," was among the pillars of Windows 10 in the months leading up to, and for months after, the mid-2015 roll-out of the operating system. For a time, it seemed that it had a shot at becoming the Windows 10 for enterprise because it was seen as a calm port in a storm of radical change.

That hasn't happened, in part because Microsoft has steered customers away from LTSB.

To read this article in full, please click here