Microsoft paid Tenable a bug bounty for an Azure flaw it says doesn’t need a fix, just better documentation

June 5, 2024 at 02:48AM A vulnerability in Microsoft’s Azure cloud allows potential access to other users’ private web resources. The issue stems from Service Tags, potentially allowing cross-tenant attacks. Despite Microsoft’s initial refusal to classify it as a vulnerability, it confirmed the flaw and offered a bug bounty. Subsequently, Microsoft decided to address the … Read more

Microsoft drops SMB1 firewall rules in new Windows 11 build

November 8, 2023 at 02:57PM Windows 11 is making security improvements by updating the Windows Defender Firewall rules for SMB shares. The changes include omitting inbound NetBIOS ports and allowing connections with SMB servers over custom network ports. Administrators can still configure and modify the firewall rules as needed. These updates aim to strengthen Windows … Read more