From Lord Time@TIME to All on Wed Jun 24 09:29:17 2015
Microsoft Security Newsletter - June 2015
Trustworthy Computing | June 2015
Microsoft Security Newsletter
Welcome to June 2015's Security Newsletter!
The latest volume of the http://microsoft.com/sir
Microsoft Security Intelligence Report is now available. This volume of the report focuses on the threat landscape in the second half of 2014 when there were some dramatic changes.
The vulnerability disclosure data published in the report suggests that there was a 56.3% increase in vulnerability disclosures between the third and fourth quarters of 2014. After many periods of relatively small changes in disclosure totals, the 4,512 vulnerabilities disclosed during the second half of 2014 is the largest number of vulnerabilities disclosed in any half-year period since the CVE system was launched in 1999. Disclosures of vulnerabilities in applications other than web browsers and operating system applications increased 98.3% in the second half of 2014 and accounted for 76.5% of total disclosures for the period.
Figure 1. Industrywide vulnerability disclosures between the first half of 2012 (1H12) and the second half of 2014 (2H14)
Figure 2. Industrywide operating system, browser, and application vulnerabilities between the first half of 2012 (1H12) and the second half of 2014 (2H14)
Overall, encounters with Java exploits continued to decrease significantly in the second half of 2014, while Flash Player exploit attempts increased.
Figure 3. Trends for the top Java exploits detected and blocked by Microsoft real-time antimalware products in 2014
Figure 4. Adobe Flash Player exploits detected and blocked by Microsoft real-time antimalware products in 2014
Regional threat assessments are available for over 100 countries as well as an online tool that enables you to quickly compare two locations.
In the meantime, thanks to all the sessions at Microsoft Ignite last month, and the announcement about the http://www.microsoft.com/en-us/windows/windows-10-upgrade
free upgrade offer for consumers, the excitement around Windows 10 is building. As a result, this monthÆs newsletter features resources to help you find out whatÆs coming in Windows 10 with regard to security.
New access and security controls for Outlook for iOS and Android
Outlook now uses Active Directory Authentication Library (ADAL)-based authentication for Exchange Online mailboxes in Office 365, replacing the previously used basic authentication method. This new authentication method enables IT administrators to configure new access scenarios for sign in to Office 365 and to better control and manage Outlook on mobile devices in their organization. Learn more.
One of the items examined in the latest version of the Microsoft Security Intelligence Report is the increased speed at which purveyors of commercial exploit kits are trying to take advantage of newly disclosed vulnerabilities, even in cases where security updates have been developed, released and deployed to hundreds of millions of systems around the world. Learn more about this trend and the most effective way to mitigate risk.
Azure Disk Encryption management for Windows and Linux virtual machines
Microsoft Azure enables you to control your Azure hosted data through a range of advanced technologies to encrypt, control and manage encryption keys, control & audit access of data. Explore a new Azure Disk Encryption solution that can help protect and safeguard your data to meet your organizational security and compliance commitments.
Device Guard is a combination of hardware and software security features that, when configured together, will lock a device down so that it can only run trusted applications. Find out how it works, when to use it, and learn about the software and hardware required.
Get an early look at Enterprise Data Protection (EDP), a new feature that will offer a better user experience, while helping to better separate and protect enterprise apps and data against disclosure risks across both company and personal devices, without requiring changes in environments or apps.
In Windows 10, Microsoft Passport will replace passwords with strong two-factor authentication that consists of an enrolled device and a Windows Hello (biometric) or PIN. Learn how Microsoft Passport works and start to explore enterprise scenarios for using this technology.
Find out how Windows 10 can help protected against credential theft crisis with a solution that is easy to deploy, always multi-factor, theft and phish proof, and provides true single sign-on even as you transition from on-premises to the web.
Explore the technologies that can truly end the use of passwords and make multi-factor authentication the default, provide an easy to use and deploy data loss prevention (DLP) capability right in the platform, and enable organizations to virtually eliminate malware threats to the Windows platform including those that come by way of the browser.
Windows 10 will remove biometric frameworks dependencies on passwords, address bio sensor costs challenges, and have biometrics poised for mainstreaming. Learn more about MicrosoftÆs work on biometrics options such as fingerprints and other options, sensor types, and what you can expect in terms of bio-enabled devices in 2015.
Windows 10 delivers a fully integrated data loss prevention (DLP) capability, making it easy to deploy, cost effective, and easy to use. Learn more about this new technology along with the improvements coming soon for BitLocker.
Learn why and how you should leverage Windows 10 security technologies like Device Guard, BitLocker, AppLocker, UAC, Least Privilege, and Remote Desktop Restricted Admin-mode. In this 75-minute session with Microsoft Windows MVP and Windows Technical Expert Program member Sami Laiho, youÆll see hands-on examples on how someone might attempt to break into an unprotected operating system—and learn how to protect your organization. If you still need to convince your boss to give you budget for implementing more security measures, don't miss this!
Look at the latest mobility features in Microsoft Intune, a born-in-the-cloud device management solution. Find out how you can integrate with the existing market leader in endpoint management, Microsoft System Center Configuration Manager and manage mobile devices with Office 365.
Endpoint Protection in System Center 2012 Configuration Manager provides security, antimalware, and Windows Firewall management for computers in your enterprise. Walk through the planning, configuration, and administration of Endpoint Protection plus learn about prerequisites, best practices, and deployment.
This is a monthly newsletter for IT professionals and developers–bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.
If you would prefer not to receive the Microsoft Security Newsletter from Microsoft and its family of companies please http://click.email.microsoftemail. com/m_hcp.aspx?qs=0bb7f39debca1b0ad10fb2e924b6311d344a0079e5cc587f4d16330b7c3cc 8e7aa3d48879950d85d33a47e9a9586dfefd285dcac31618dc88c067dd0b5f3fe595391f1b00306 40e4337fbbbfcf98f3d7a9b65ba61ce0559b&oneClick=newsletter
click here . These settings will not affect any other newsletters you've requested or any mandatory service communications that are considered part of certain Microsoft services.
To set your contact preferences for other Microsoft communications http://click .email.microsoftemail.com/m_hcp.aspx?qs=0bb7f39debca1b0ad10fb2e924b6311d344a007 9e5cc587f4d16330b7c3cc8e7aa3d48879950d85d33a47e9a9586dfefd285dcac31618dc88c067d d0b5f3fe595391f1b0030640e4337fbbbfcf98f3d7a9b65ba61ce0559b
click here .
One Microsoft Way
Redmond, WA 98052 USA
■ Synchronet ■ Time Warp of the Future BBS - Home of League 10 IBBS Games