Top security trends in IoT

The continuous connection of smart devices across networks, commonly called the Internet of Things (IoT), is driving a transformation in how enterprises all over the world manage network infrastructure and digital identities.

With such rapid change come new cybersecurity challenges. Many organizations are hesitant to tap into the power of the IoT due to the complexities and risk associated with managing such a diverse – and sometimes unclear – environment. But it is possible to secure your networks, enhance productivity, and protect customers in this evolving digital landscape.

IoT security doesn’t have to be overwhelming. But it does require a proactive and strategic mindset, and the first step is to understand IoT security trends.

Top trends

IoT offers an expanding horizon of opportunity that shouldn’t be ignored due to security concerns. With foresight into these current trends, practical planning, and persistent implementation, you can move your organization’s vision for IoT forward with confidence in your security practices.

For insights to help you improve your security posture, visit us at Microsoft Secure.

Categories: cybersecurity, IoT, security, Trends Tags:

MS16-099 – Critical: Security Update for Microsoft Office (3177451) – Version: 2.0

Severity Rating: Critical
Revision Note: V2.0 (August 22, 2016): Bulletin revised to announce the availability of the 14.6.7 update for Microsoft Office for Mac 2011 (3179162) and the 15.25 update for Microsoft Office 2016 for Mac (3179163). Customers running affected Mac software should install the appropriate update for their product to be protected from the vulnerabilities discussed in this bulletin. Customers running other Microsoft Office software do not need to take any action. See Microsoft Knowledge Base Article 3179162 and Microsoft Knowledge Base Article 3179163 for more information and download links.
Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Categories: Uncategorized Tags:

MS16-075 – Important: Security Update for Windows SMB Server (3164038) – Version: 1.1

Severity Rating: Important
Revision Note: V1.1 (August 18, 2016): Bulletin revised to correct the Updates Replaced references for Windows 10 and Windows 10 Version 1511 in the Affected Software table. This is an informational change only.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application.

Categories: Uncategorized Tags:

MS16-AUG – Microsoft Security Bulletin Summary for August 2016 – Version: 1.4

Categories: Uncategorized Tags:

Rise in severe vulnerabilities highlights importance of software updates

August 17th, 2016

In the context of computer security, vulnerabilities are weaknesses in software that could allow an attacker to compromise the integrity, availability, or confidentiality of either the software itself or the system it’s running on. Some of the worst vulnerabilities allow attackers to exploit the compromised system by causing it to run malicious code without the user’s knowledge. The effects of this can range from the annoying (experiencing unwanted pop-up ads) to the catastrophic (leaking sensitive customer information).

For this reason, disclosing vulnerabilities to the public as they are found is an important part of the software industry. It’s an effort that goes well beyond the software companies who develop the code. Disclosures can come from a variety of sources, including publishers of the affected software, security software vendors, independent security researchers, and even malware creators.

Attackers and the malware they create routinely attempt to use unpatched vulnerabilities to compromise and victimize organizations, so it’s imperative that CIOs, CISOs and the rest of an organization’s security team pay close attention to disclosures as they are announced. Doing so can help the security team understand if their IT environment is at increased risk, and whether putting new mitigations in place is warranted.

Industry-wide vulnerability disclosures each half year into the second half of 2015

This year the importance of tracking disclosures was highlighted as vulnerability disclosures across the industry increased 9.4 percent between the first and second half of 2015, to almost 3,300.

Even more troubling, disclosures of high-severity vulnerabilities increased 41.7 percent across the industry in the second half of 2015, to account for 41.8 percent of the total — the largest share for such vulnerabilities in at least three years.

These are the vulnerabilities that security teams dread as they enable attackers to gain easy access to software, PCs, devices, and servers. For organizations that work with sensitive customer data or that must comply with security regulations to maintain contracts, the results of such an infection are potentially dire.

Vendors with a known vulnerability in their products will generally issue a patch to close the door, so staying abreast of those updates is a critical concern for security professionals. With over 6,000 vulnerabilities publicly disclosed per year across the industry, it’s important that organizations assess all software in their IT environment and ensure that it is updated.

For an analysis of vulnerabilities disclosed in the latter half of 2015, take a look at our latest Security Intelligence Report and the information available through the NVD. And for a high-level look at the top 10 trends and stats that matter most to security professionals right now, be sure to download our 2016 Trends in Cybersecurity e-book.

Learn more at Microsoft Secure.

Categories: cybersecurity, security, vulnerabilities Tags:

Managing cloud security: Four key questions to evaluate your security position

As cloud computing and the Internet of Things (IoT) continue to transform the global economy, businesses recognize that securing enterprise data must be viewed as an ongoing process. Securing the ever-expanding volume, variety, and sources of data is not easy; however, with an adaptive mindset, you can achieve persistent and effective cloud security.

The first step is knowing the key risk areas in cloud computing and IoT processes and assessing whether and where your organization may be exposed to data leaks. File sharing solutions improve the way people collaborate but pose a serious point of vulnerability. Mobile workforces decentralize data storage and dissolve traditional business perimeters. SaaS solutions turn authentication and user identification into an always-on and always-changing topic.

Second, it’s worth developing the habit, if you haven’t already, of reviewing and adapting cloud security strategy as an ongoing capability. To that end, here are eight key questions to revisit regularly, four of which we dive deeper into below.

Is your security budget scaling appropriately?

Security teams routinely manage numerous security solutions on a daily basis and typically monitor thousands of security alerts. At the same time, they need to keep rapid response practices sharp and ready for deployment in case of a breach. Organizations must regularly verify that sufficient funds are allocated to cover day-to-day security operations as well as rapid, ad hoc responses if and when a breach is detected.

Do you have both visibility into and control of critical business data?

With potential revenue loss from a single breach in the tens of millions of dollars, preventing data leaks is a central pillar of cloud security strategy. Regularly review how, when, where, and by whom your business data is being accessed. Constantly monitor whether permissions are appropriate for a user’s role and responsibilities as well as for different types of data.

Are you monitoring shadow IT adequately?

Today, the average employee uses 17 cloud apps, and mobile users access company resources from a wide variety of locations and devices. Remote and mobile work coupled with the increasing variety of cloud-based solutions (often free) raises concerns that traditional on-premises security tools and policies may not provide the level of visibility and control you need. Check whether you can identify mobile device and cloud application users on your network, and monitor changes in usage behavior. To mitigate risks of an accidental data breach, teach current and onboarding employees your organization’s best practices for using ad hoc apps and access.

Is your remote access security policy keeping up?

Traditional remote access technologies build a direct channel between external users and your apps, and that makes it risky to publish internal apps to external users. Your organization needs a secure remote access strategy that will help you manage and protect corporate resources as cloud solutions, platforms, and infrastructures evolve. Consider using automated and adaptive policies to reduce time and resources needed to identify and validate risks.

Checklist

These are just a few questions to get you thinking about recursive, adaptive cloud security. Stay on top of your security game by visiting resources on Microsoft Secure.

Categories: Cloud Computing, IoT, SaaS, security Tags:

MS16-AUG – Microsoft Security Bulletin Summary for August 2016 – Version: 1.3

Revision Note: V1.3 (August 12, 2016): For MS16-102, bulletin revised to remove Windows 10 version 1607 from the affected software table because it is not affected. This is an informational change only. Customers who have already successfully installed the update do not need to take any action.
Summary: This bulletin summary lists security bulletins released for August 2016.

Categories: Uncategorized Tags:

MS16-102 – Critical: Security Update for Microsoft Windows PDF Library (3182248) – Version: 1.2

Severity Rating: Critical
Revision Note: V1.2 (August 12, 2016): Bulletin revised to correct the updates replaced for Windows 8.1, Windows Server 2012, and Windows Server 2012. Bulletin revised to remove Windows 10 version 1607 from the affected software table because it is not affected. This is an informational change only. Customers who have already successfully installed the update do not need to take any action.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Categories: Uncategorized Tags:

MS16-AUG – Microsoft Security Bulletin Summary for August 2016 – Version: 1.2

Revision Note: V1.2 (August 11, 2016): For MS16-102, bulletin revised to remove Windows Server 2012 R2 (Server Core installation) from the affected software table because the Server Core version of Windows Server 2012 R2 is not affected. These are informational changes only. Customers who have already successfully installed the update do not need to take any action.
Summary: This bulletin summary lists security bulletins released for August 2016.

Categories: Uncategorized Tags:

MS16-099 – Critical: Security Update for Microsoft Office (3177451) – Version: 1.1

Severity Rating: Critical
Revision Note: V1.1 (August 11, 2016): Bulletin revised to correct the updates replaced for Microsoft Word Viewer packages 3115480 and 3115479. This is an informational change only. Customers who have already successfully updated their systems do not need to take any action.
Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Categories: Uncategorized Tags:

MS16-035 – Important: Security Update for .NET Framework to Address Security Feature Bypass (3141780) – Version: 2.3

Severity Rating: Important
Revision Note: V2.3 (August 11, 2016): Revised bulletin to announce a detection change to correct an offering issue for 3135996. This is a detection change only. There were no changes to the update files. Customers who have already successfully installed the update do not need to take any action.
Summary: This security update resolves a vulnerability in Microsoft .NET Framework. The security feature bypass exists in a .NET Framework component that does not properly validate certain elements of a signed XML document.

Categories: Uncategorized Tags:

MS16-102 – Critical: Security Update for Microsoft Windows PDF Library (3182248) – Version: 1.1

Severity Rating: Critical
Revision Note: V1.1 (August 11, 2016): Bulletin revised to remove Windows Server 2012 R2 (Server Core installation) from the affected software table because the Server Core version of Windows Server 2012 R2 is not affected. This is an informational change only. Customers who have already successfully installed the update do not need to take any action.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Categories: Uncategorized Tags:
