Tag Archive for: microsoft

Multi-Factor Authentication for Office 365

12 Feb 2014
February 12, 2014

Today we’re adding Multi-Factor Authentication for Office 365 to Office 365 Midsize Business, Enterprise plans, Academic plans, Nonprofit plans, and standalone Office 365 plans, including Exchange Online and SharePoint Online. This will allow organizations with these subscriptions to enable multi-factor authentication for their Office 365 users without requiring any additional purchase or subscription.

(This is a “link post” — the title links to the original article)

Another Tool for the Cleaning Toolbox

10 Jul 2011
July 10, 2011

Like many who are responsible for curing the PCs of friends and family, I’ve been leaning on the 1-2 combo punch of Malwarebytes Anti-Malware (free) and SUPERAntiSpyware (also free) for the past year or so. Between the two of them — and judicious use of Safe Mode scanning — I’ve been able to cure most ailments that come my way.

[tip: did you know about the SUPERAntiSpyware portable version? I keep a copy on my utility USB stick updated every week or so. Handy!]

On a typical infection each will find things the other doesn’t so I don’t mind running both. Face it: the “good guys” in the fixing business are always behind the “bad guys” in the infecting business. I don’t really expect any one tool to do everything.

But I sure hate it when I still have an infected machine after repeated runs of both apps!

I now have one more tool to add to the mix: Microsoft’s System Sweeper. This is a beta product that I first learned about from the Security Now podcast (episode 303). There are downloads for 32 and 64 bit machines. Just download the proper one, run the installer and it will burn a CD image or create a bootable USB drive for you. Pop that into the infected machine and have it boot from the System Sweeper media.

When it runs you have something that looks a lot like Microsoft’s Security Essentials but it isn’t relying on the infected machine’s Operating System. Face it, Safe Mode is nice but sometimes it just isn’t good enough. Especially when you’re going after root kits! This fixes that problem and doesn’t rely on the victim’s operating system.

In the past month I’ve had System Sweeper finish the job on every machine I’ve tried it on. Brilliant little application and I now have a USB stick dedicated to it. Highly recommended.




Less Than Helpful

26 Mar 2011
March 26, 2011

Here’s an awesome Event Log error I found on a client’s server yesterday:

Intriguing Event Log error

An application pop up happened. From an application. Problem is, it doesn’t tell me what the popup said — or what application popped it!

I was amused.



New Windows Vuln: ALL Versions

29 Jan 2011
January 29, 2011

imageI just noticed Microsoft Security Advisory (2501696) and, if you’re running a Windows OS, I think you should notice it too. This is a published vulnerability and there are proof-of-concept attacks out there. As usual, yikes.

In short:

The vulnerability exists due to the way MHTML interprets MIME-formatted requests for content blocks within a document. It is possible under certain conditions for this vulnerability to allow an attacker to inject a client-side script in the response of a Web request run in the context of the victim’s Internet Explorer. The script could spoof content, disclose information, or take any action that the user could take on the affected Web site on behalf of the targeted user.

If you visit the associated Knowledge Base Article (2501696) you’ll find the “Fix it for me” button. Might as well give it a click until a patch or fix is released.

More details at the first link and also at the Naked Security blog.