Delivering security innovation that puts Microsoft’s experience to work for you

Cybersecurity is the central challenge of our digital age. Without it, everything from our personal email accounts and privacy to the way we do business, and all types of critical infrastructure, are under threat. As attackers evolve, staying ahead of these threats is getting harder. Microsoft ca...

Zero Trust Security Architectures

This introduction is Part 1 of a 5 part blog series. Jump to Part 2: Network Micro-Segmentation Jump to Part 3: Software Defined Perimeter Jump to Part 4: Identity Aware Proxy Jump to Part 5: Akamai's Approach to Zero Trust Introduction Most enterprises today operate hundreds of applications that...

Is two-factor authentication (2FA) as secure as it seems?

Two-factor authentication 2FA was invented to add an extra layer of security to the—now considered old-fashioned and insecure—simple login procedure of entering a username and password. One of the most well-known examples of 2FA is when you try to log into a familiar website from a different...

The vulnerability of the Active Directory Federation Services for Windows operating systems allows a perpetrator to bypass the authentication process.

The vulnerability of the Active Directory Federation Services ADFS service on Windows operating systems is related to improper handling of multi-factor authentication requests. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures by sending specially crafted...

CVE-2018-8340

A security feature bypass vulnerability exists when Active Directory Federation Services AD FS improperly handles multi-factor authentication requests, aka "AD FS Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows Server 2012 R2, Windows 10 Servers...

CVE-2018-8340

A security feature bypass vulnerability exists when Active Directory Federation Services AD FS improperly handles multi-factor authentication requests, aka "AD FS Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows Server 2012 R2, Windows 10 Servers...

EUVD-2018-19991

A security feature bypass vulnerability exists when Active Directory Federation Services AD FS improperly handles multi-factor authentication requests, aka "AD FS Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows Server 2012 R2, Windows 10 Servers...

CVE-2018-8340

A security feature bypass vulnerability exists when Active Directory Federation Services AD FS improperly handles multi-factor authentication requests, aka "AD FS Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows Server 2012 R2, Windows 10 Servers...

Microsoft Flaw Allows Full Multi-Factor Authentication Bypass

A vulnerability in Microsoft’s Active Directory Federation Services ADFS has been uncovered that would allow malicious actors to bypass multi-factor authentication MFA safeguards. Many organizations rely on ADFS to manage identities and resources across their entire enterprise, and ADFS functions...

ADFS Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists when Active Directory Federation Services ADFS improperly handles multi-factor authentication requests. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this...

Enable your users to work securely from anywhere, anytime, across all of their devices

This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 Security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog, Assessing...

Microsoft Bounty Program Offers Payouts for Identity Service Bugs

Microsoft has lifted the curtain on a new bug-bounty program, offering payouts as high as $100,000 for holes in identity services and implementations of the OpenID standard. The bounty program touches on Microsoft’s array of digital identity solutions, which tout strong authentication, secure...

A week in security (July 9 – July 15)

Last week, we talked about domestic abuse fuelled by IoT, doing threat intel programs right, blocking ICO fraud, and man-in-the-middle attacks. We also explained why we block shady ad blockers and provided tips to online shoppers for Prime Day. Other news: Reports revealed that low-end Android...

Now that you have a plan, it’s time to start deploying

This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series, youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog First...

Make Application Access IT-Friendly

More and more companies are looking at alternatives to VPNs due to the security risks associated with network level access. And increasingly, the goal is to eliminate network trust through a zero trust architecture - which is one of the primary reasons many of these organizations are deploying...

How to Make Your Demo Environment Easy, Accessible...AND Secure

A common misconception I've heard in the field is that a tradeoff exists between easy access for applications and network security. For example, companies want to allow their sales team, partners, and prospects access into demo environments. With traditional access solutions, there is a question ...

First things first: Envisioning your security deployment

This blog post is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 Security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog...

Creating and Managing Strong Passwords

NCCIC/US-CERT reminds users of the importance of creating and managing strong passwords. Passwords are often the only barrier between you and your personal information. There are several programs attackers can use to help guess or "crack" passwords. However, choosing strong passwords and keeping...

The digital entropy of death: what happens to your online accounts when you die

Unless you're planning on having your mind jammed inside some sort of computer chip, eventually mortality will catch up and you're going to have to work out what you'll do with all of your online accounts. When it's time to shuffle off this mortal coil, you might, theoretically, be slightly annoy...

Abine Blur Information Disclosure Vulnerability

Abine Blur is a private account management application from Abine USA.Password Manager Extension is one of the password management plug-ins. A security vulnerability exists in Password Manager Extension in Abine Blur version 7.8.2428 prior to 7.8.242. A remote attacker can exploit this...