Select Page
New ransomware, old techniques: Petya adds worm capabilities

New ransomware, old techniques: Petya adds worm capabilities

(Note: We have published a follow-up blog entry on this ransomware attack. We have new findings from our continued investigation, as well as platform mitigation and protection information: Windows 10 platform resilience against the Petya ransomware attack.) On June 27, ... continue reading
What’s new in Windows Defender ATP Fall Creators Update

What’s new in Windows Defender ATP Fall Creators Update

When we introduced Windows Defender Advanced Threat Protection (Windows Defender ATP), our initial focus was to reduce the time it takes companies to detect, investigate, and respond to advanced attacks. The Windows Fall Creators Update represents a new chapter in ... continue reading
Screenshot of security subscription notification

Partnering with the AV ecosystem to protect our Windows 10 customers

On Friday May 12th, and for several days afterwards, more than a quarter-million computers around the world fell victim to the ransomware known as WannaCrypt or WannaCry. As that recent event has shown, malicious actors bring nearly boundless time and ... continue reading

TLS 1.2 support at Microsoft

This post is authored by Andrew Marshall, Principal Security Program Manager, Trustworthy Computing Security. In support of our commitment to use best-in-class encryption, Microsoft’s engineering teams are continually upgrading our cryptographic infrastructure. A current area of focus for us is ... continue reading
Analysis of the Shadow Brokers release and mitigation with Windows 10 virtualization-based security

Analysis of the Shadow Brokers release and mitigation with Windows 10 virtualization-based security

On April 14, a group calling themselves the Shadow Brokers caught the attention of the security community by releasing a set of weaponized exploits. Shortly thereafter, one of these exploits was used to create wormable malware that we now know ... continue reading
Dropping the “Untrusted Font Blocking” setting

Dropping the “Untrusted Font Blocking” setting

With the Windows 10 v1703 security configuration baseline, Microsoft is removing the recommendation to enable the “Untrusted Font Blocking” Group Policy setting in Computer Configuration | Administrative Templates | System | Mitigation Options. Windows 10 includes additional mitigations that make ... continue reading
Windows 10 Creators Update provides next-gen ransomware protection

Windows 10 Creators Update provides next-gen ransomware protection

Multiple high-profile incidents have demonstrated that ransomware can have catastrophic effects on all of us. From personally losing access to your own digital property, to being impacted because critical infrastructure or health care services are unexpectedly unavailable for extended periods ... continue reading
Three basic security hygiene tips from Microsoft’s Identity Team

Three basic security hygiene tips from Microsoft’s Identity Team

This post is authored by Alex Weinert from the Identity Division’s Security and Protection Team. Hey there! I want to share three basic hygiene tips for account protection that every organization should consider. Applying these will go a long way ... continue reading

Guidance on Disabling System Services on Windows Server 2016 with Desktop Experience

[Primary authors: Dan Simon and Nir Ben Zvi] The Windows operating system includes many system services that provide important functionality. Different services have different default startup policies: some are started by default (automatic), some when needed (manual) and some are ... continue reading

Announcing new Adversary Detection and Compromised Recovery services

This post is authored by Berk Veral, Senior Marketing Communication Manager, Enterprise Cybersecurity Group. Perhaps one of the best-kept secrets within Microsoft cybersecurity services is the Global Incident Response and Recovery team. We affectionately call them the “GIRR” team for ... continue reading