There is bipartisan consensus in Congress that a federal data privacy law is necessary. Public policy experts from Google, Microsoft, and Twitter discussed the issues lawmakers will need to address to craft meaningful privacy regulation at a panel at RSA Conference.
A privilege escalation attack that is the combination of known issues and weaknesses with Microsoft Exchange will let users become Domain Administrators. No compromised credentials required.
Even with a regular software update cadence, some vulnerabilities are serious enough to warrant an emergency fix. Microsoft has released an out-of-band update addressing a remote code execution flaw in Internet Explorer.
A trio of problems caused by a software update in some of Microsoft's data centers led to a service outage for customers of the Azure Active Directory MFA service last week.
Microsoft customers now have the option of logging in to Windows, on desktop or mobile devices, with a FIDO2-compliant security key--and no password.