(Note: We have published a follow-up blog entry on this ransomware attack. We have new findings from our continued investigation, as well as platform mitigation and protection information: Windows 10 platform resilience against the Petya ransomware attack.) On June 27, ... continue reading

When we introduced Windows Defender Advanced Threat Protection (Windows Defender ATP), our initial focus was to reduce the time it takes companies to detect, investigate, and respond to advanced attacks. The Windows Fall Creators Update represents a new chapter in ... continue reading

On Friday May 12th, and for several days afterwards, more than a quarter-million computers around the world fell victim to the ransomware known as WannaCrypt or WannaCry. As that recent event has shown, malicious actors bring nearly boundless time and ... continue reading

This post is authored by Andrew Marshall, Principal Security Program Manager, Trustworthy Computing Security. In support of our commitment to use best-in-class encryption, Microsoft’s engineering teams are continually upgrading our cryptographic infrastructure. A current area of focus for us is ... continue reading

On April 14, a group calling themselves the Shadow Brokers caught the attention of the security community by releasing a set of weaponized exploits. Shortly thereafter, one of these exploits was used to create wormable malware that we now know ... continue reading

With the Windows 10 v1703 security configuration baseline, Microsoft is removing the recommendation to enable the “Untrusted Font Blocking” Group Policy setting in Computer Configuration | Administrative Templates | System | Mitigation Options. Windows 10 includes additional mitigations that make ... continue reading

Multiple high-profile incidents have demonstrated that ransomware can have catastrophic effects on all of us. From personally losing access to your own digital property, to being impacted because critical infrastructure or health care services are unexpectedly unavailable for extended periods ... continue reading

This post is authored by Alex Weinert from the Identity Division’s Security and Protection Team. Hey there! I want to share three basic hygiene tips for account protection that every organization should consider. Applying these will go a long way ... continue reading

[Primary authors: Dan Simon and Nir Ben Zvi] The Windows operating system includes many system services that provide important functionality. Different services have different default startup policies: some are started by default (automatic), some when needed (manual) and some are ... continue reading

This post is authored by Berk Veral, Senior Marketing Communication Manager, Enterprise Cybersecurity Group. Perhaps one of the best-kept secrets within Microsoft cybersecurity services is the Global Incident Response and Recovery team. We affectionately call them the “GIRR” team for ... continue reading