Tux Machines

Microsoft Problems, Windows TCO

Posted by Roy Schestowitz on Aug 12, 2023

=> Programming Leftovers | Security Leftovers

Microsoft: Codesys PLC bugs could be exploited to 'shut down power plants'

=> ↺ Microsoft: Codesys PLC bugs could be exploited to 'shut down power plants'

Fifteen bugs in Codesys' industrial control systems software could be exploited to shut down power plants or steal information from critical infrastructure environments, experts have claimed.

Cyber Safety Review Board to analyze cloud security in wake of Microsoft [breach]

=> ↺ Cyber Safety Review Board to analyze cloud security in wake of Microsoft [breach]

The Cyber Safety Review Board — a public/private entity established via presidential executive order in 2021 in the wake of the SolarWinds breach and launched in early 2022 — will review the incident as part of a broader look at the “malicious targeting of cloud computing environments” and “focus on approaches government, industry, and Cloud Service Providers (CSPs) should employ to strengthen identity management and authentication in the cloud,” the agency said in a statement.

The operation [breaching] top U.S. officials’ emails, announced in July but detected in June by security staff at the U.S. State Department, spurred heavy criticism of Microsoft, particularly because evidence of the breach was only apparent if customers paid for a premium logging tier. Microsoft has since announced that customers will have access to expanded logging and storage capability at no additional cost.

US cyber safety board to investigate cloud security and [Microsoft] Exchange Online breach

=> ↺ US cyber safety board to investigate cloud security and [Microsoft] Exchange Online breach

The Cyber Safety Review Board has launched an investigation into the cybersecurity threats facing cloud service providers. The probe by the CSRB was first reported by Bloomberg late Thursday and confirmed today.

Microsoft Discloses Codesys Flaws Allowing Shutdown of Industrial Operations, Spying

=> ↺ Microsoft Discloses Codesys Flaws Allowing Shutdown of Industrial Operations, Spying

Over a dozen Codesys vulnerabilities discovered by Microsoft researchers can be exploited to shut down industrial processes or deploy backdoors.

Microsoft SQL Server 2022 preview mode is avaiable for RHEL 9 and Ubuntu 22.04 [Ed: This is not really a port, it is DrawBridge, and it's proprietary software from a company that attacks Linux. Avoid.]

=> ↺ Microsoft SQL Server 2022 preview mode is avaiable for RHEL 9 and Ubuntu 22.04

The preview mode for SQL Server 2022 is only available in its Evaluation edition, which last for 180 days that started on July 27. It now supports Red Hat Enterprise Linux (RHEL) 9 and Ubuntu 22.04.

Lost in translation: Microsoft forced to pull update due to language issue

=> ↺ Lost in translation: Microsoft forced to pull update due to language issue

Microsoft has been forced to pull an update it issued as part of its August Patch Tuesday after it was found that the patch in question, meant to fix a spoofing vulnerability in Microsoft Exchange Server, would not install properly on non-English systems.

Microsoft Exchange updates pulled after breaking non-English installs

=> ↺ Microsoft Exchange updates pulled after breaking non-English installs

Microsoft has pulled Microsoft Exchange Server’s August security updates from Windows Update after finding they break Exchange on non-English installs.

=> gemini.tuxmachines.org