Windows News and Insights | Microsoft Security Blog

A graphic showing a store with a window and numbers.

April 16, 2025
12 min read

Cyber Signals Issue 9 | AI-powered deception: Emerging fraud threats and countermeasures

Microsoft maintains a continuous effort to protect its platforms and customers from fraud and abuse.

April 15, 2025
10 min read

Threat actors misuse Node.js to deliver malware and other malicious payloads

Since October 2024, Microsoft Defender Experts has observed and helped multiple customers address campaigns leveraging Node.

March 31, 2025
13 min read

Analyzing open-source bootloaders: Finding vulnerabilities faster with AI

Using Microsoft Security Copilot to expedite the discovery process, Microsoft has uncovered several vulnerabilities in multiple open-source bootloaders impacting all operating systems relying on Unified Extensible Firmware Interface (UEFI) Secure Boot.

A man wearing glasses and headphones looking at a computer screen

March 6, 2025
32 min read

Malvertising campaign leads to info stealers hosted on GitHub

Microsoft detected a large-scale malvertising campaign in early December 2024 that impacted nearly one million devices globally.

Top-down view of a bearded man in a gray/blue shirt seated at a desk working on a Surface laptop connected to three large monitors. Desktop has phone, glasses, mouse and other laptops on it.

October 11, 2024
6 min read

Microsoft’s guidance to help mitigate Kerberoasting

Kerberoasting, a well-known Active Directory (AD) attack vector, enables threat actors to steal credentials and navigate through devices and networks.

Two colleagues in a courtyard on a laptop

August 8, 2024
15 min read

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE

Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation.

Man in a collared shirt working on a server station inside a secure room. Coworkers and large monitors are in the background.

May 20, 2024
10 min read

New Windows 11 features strengthen security to address evolving cyberthreat landscape

Today, ahead of the Microsoft Build 2024 conference, we announced a new class of Windows computers, Copilot+ PC.

April 23, 2024
4 min read

New Microsoft Incident Response guide helps simplify cyberthreat investigations

Discover how to fortify your organization’s cybersecurity defense with this practical guide on digital forensics from Microsoft’s Incident Response team.

April 22, 2024
10 min read

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions.

A security practitioner works at a computer.

February 1, 2024
8 min read

3 new ways the Microsoft Intune Suite offers security, simplification, and savings

The main components of the Microsoft Intune Suite are now generally available.

Engaged developer in focused work in the context of automation in manufacturing to build intelligent apps powered by Azure.

January 29, 2024
6 min read

Best practices in moving to cloud native endpoint management

This blog is the second of three that details our recommendation to adopt cloud native device management.

Security practitioners at work in a security operations center.

September 26, 2023
6 min read

New security features in Windows 11 protect users and empower IT

Windows 11 is designed to simplify security with features from the chip to the cloud that are on by default.

Windows

Refine results