Tag

Microsoft Windows

All articles tagged with #microsoft windows

security1 month ago•3 min saved

Windows tightens RDP file use to block phishing-prone connections

Microsoft’s April 2026 updates for Windows 10 and Windows 11 add protections to curb phishing by malicious Remote Desktop (.rdp) files: first-open triggers educate users, and subsequent attempts show a security dialog listing the file’s publisher status, remote address, and local resource redirects with all options off by default. If unsigned, a caution label appears; if signed, the publisher is shown but verification is still encouraged. These protections apply only to opening RDP files, not to connections via the Windows Remote Desktop client, and can be temporarily disabled via a registry setting by admins. Microsoft urges keeping the safeguards enabled, noting that attackers have used rogue RDP files in campaigns (e.g., APT29) to steal data, credentials, or even clipboard contents and smart-card authentication.

via BleepingComputer|

#enterprise-security #microsoft-windows #phishing

politics1 month ago•15 min saved

France Bets on Linux as it Ditches Windows for Digital Sovereignty

France will move some government systems from Windows to Linux, starting with the Interministerial Directorate for Digital Affairs (DINUM), as part of a broader push for digital sovereignty and reduced reliance on American tech. The plan follows bans on American videoconferencing tools and signals a move toward open-source software amid security and implementation challenges, with policymakers seeking greater control over data, infrastructure, and rollout timelines.

via Gizmodo|

#europe #france #linux

technology2 years ago•5 min saved

"Mozilla Condemns Microsoft's 'Harmful Designs' to Promote Edge to Windows Users"

Mozilla has commissioned a report highlighting Microsoft's alleged use of harmful design practices to influence Windows users into using its Edge browser over Google Chrome. The report claims that Microsoft employs tactics such as interruptions during Chrome installation, promoting Edge's benefits, and injecting ads into the search and install process. Mozilla argues that these practices inhibit user choice and competition, calling for regulatory action to restore browser choice and competition across major platforms.

via Forbes|

#browser-competition #google-chrome #microsoft-windows

email-security-vulnerability2 years ago•2 min saved

Zero-Click Outlook RCE Exploits: New Details and Disclosures

Security researchers have revealed technical details about two now-patched security flaws in Microsoft Windows that could be exploited by threat actors to achieve remote code execution on the Outlook email service without any user interaction. The vulnerabilities, CVE-2023-35384 and CVE-2023-36710, were addressed by Microsoft in August and October 2023, respectively. CVE-2023-35384 is a bypass for a critical security flaw that Microsoft patched in March 2023, and it can be used to steal NTLM credentials and conduct a relay attack. The vulnerabilities can be chained together to create a full zero-click remote code execution exploit against Outlook clients. Organizations are advised to use microsegmentation to block outgoing SMB connections to remote public IP addresses and to disable NTLM or add users to the Protected Users security group to mitigate the risks.

via The Hacker News|

#email-security-vulnerability #microsoft-windows #outlook