MicroSoft

Microsoft Edge now can automatically switch users to a secure HTTPS connection when visiting websites over HTTP after enabling Automatic HTTPS. This new feature is in preview in the Canary and Developer preview channels and is rolling out to select users of Microsoft Edge 92. The announcement made today by the Microsoft Edge Team comes after the company added the feature to the Microsoft 365 roadmap in April, with an estimated release in July. “Automatic HTTPS switches your connections to websites from HTTP to HTTPS on sites that are highly likely to support the more secure protocol,” Microsoft said today. “The list of HTTPS-capable websites is based on Microsoft’s analysis of the web, and helps enable a more secure connection on hundreds of thousands of top domains.” Blocks MITM attacks, web traffic tampering The automatic switch to an HTTPS connection will protect Edge users from man-in-the-middle (MITM) attacks attempting to snoop on data exchanged with websites over unencrypted HTTP connections. Data sent and received over HTTP (including passwords, credit card info, and various other sensitive info) can also be harvested by malicious programs running on a compromised computer. Ensuring that you’re always using HTTPS when browsing the web helps secure your data while in transit by encrypting the connection to the sites’ servers. HTTPS also makes sure that threat actors trying to intercept your web traffic will not be able to alter the data exchanged with Internet sites without being detected. How to test it right now If you want to test it right now, you have to open edge://settings/privacy and turn on “Automatically switch to more secure connections with Automatic HTTPS.” If the experiment hasn’t reached you yet, you can enable it by going to edge://flags/#edge-automatic-https, toggling on the ‘Automatic HTTPS’ experimental flag, and restarting the browser. The HTTPS upgrades will be automatic with no alerts to allow you to browse the web just as you usually do, but over a secure connection wherever possible. While, by default, Automatic HTTPS will only switch to HTTPS on sites likely to support this secure protocol, you can also choose to have all connections switched, which will likely lead to connection errors if the website is missing HTTPS support. Microsoft is not the first major web browser vendor to add an option to enable HTTPS on all websites automatically. For instance, Google Chrome defaults to HTTPS for URLs typed in the address bar if no protocol is specified. Mozilla has also added an HTTPS-Only Mode designed to secures web browsing by rewriting URLs to use the HTTPS protocol (even though disabled by default, it can be enabled from the browser’s settings). NOTE:: This article is copyright bybleepingcomputer.com and we are using it for educational or Information purpose only    

Microsoft is investigating an Office 365 issue causing Outlook and Exchange Online emails to skip recipients’ inboxes and being sent their junk folders instead. “We’re investigating an issue in which email is being sent to the junk folder,” Microsoft shared on the company’s Microsoft 365 Status Twitter account. “We’re investigating a potential issue and checking for impact to your organization,” Microsoft added in the admin center. The company added that more information will be shared within 30 minutes under EX258373 in the Microsoft 365 admin center. The Microsoft 365 Service health status page is currently directing customers to the Microsoft 365 Status Twitter account for more details regarding this ongoing incident. Microsoft fixed another issue today caused by a recently deployed spam rule that prevented users from forwarding email messages using Exchange Online. Earlier this month, another Office 365 issue resulted in legitimate emails sent from multiple domains (including Google and LinkedIn) getting tagged as malicious and quarantined. Last month, a Microsoft 365 outage prevented Exchange Online users from sending and receiving emails, with messages being stuck in transit and not reaching the recipients’ inboxes. Exchange Online was also knocked down by a widespread authentication outage in March, preventing users from logging into their accounts due to an Azure Active Directory (Azure AD) configuration issue. The March massive outage affected multiple other Microsoft services at the time besides Exchange Online, including Microsoft Teams, Forms, Xbox Live, Intune, Outlook.com, Office Web, SharePoint Online, OneDrive for Business, Yammer, and more. In September, Microsoft users experienced another worldwide outage showing “transient” errors that knocked down Office 365 and several other related services, including Microsoft Teams, Office.com, Power Platform, and Dynamics365. Update 1: Microsoft is reverting the change behind email incorrectly being routed to the junk folder. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only  

The Microsoft Exchange admin portal is currently inaccessible from some browsers after Microsoft forgot to renew the SSL certificate for the website. Starting at 8 AM EST today, Microsoft Exchange admins who attempted to access the admin portal at admin.exchange.microsoft.comsuddenly found that their browsers were issuing warnings that the connection was not private due to an expired SSL certificate. Depending on the browser, users are blocked from accessing the site as a security precaution or shown an alert that the data may not be secure. For example, Google Chrome will stop you from accessing the site altogether, while Firefox will warn you about the insecure connection. According to Qualys’ SSL Labs, the certificate expired today, Sun, 23 May 2021, at 12:00:00 UTC. For those on the east coast of the United States, that is is equivalent to Sun, 23 May 2021 08:00:00 EST. Microsoft states that they are aware of the issue and are working on a fix. As a temporary workaround, Microsoft states you can access the admin portal from the https://outlook.office.com/ecp/ URL as well. Unfortunately, outages caused by expired certificates are becoming all too common as almost all online services have now switched over to secure connections. With encrypted communications come additional complexity and human error, such as forgetting to renew an SSL certificate. In August 2020, an expired certificate for California’s CalREDIE infectious disease reporting system led to an underreporting of COVID-19 cases in the state as data was prevented from being uploaded. We have also seen expired SSL certificates affecting consumer-facing services, such as Spotify, Microsoft Teams, and Facebook’s Tor server. Reached out to Microsoft to learn more about when they expect the SSL certificate to be renewed but has not heard back at this time. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only  

Microsoft today announced that multiple .NET Framework versions signed using the legacy and insecure Secure Hash Algorithm 1 (SHA-1) will reach end of support next year. The .NET Framework is a free software development framework that helps developers build .NET applications, websites, and services and users to run them on many operating systems (including Windows), using different implementations of .NET. “.NET Framework 4.5.2, 4.6, and 4.6.1 will reach end of support on April 26, 2022,” said Jamshed Damkewala, .NET Principal Engineering Manager. “After this date, we will no longer provide updates including security fixes or technical support for these versions.” The only exception is the .NET Framework 4.6 version that ships with Windows 10 Enterprise LTSC 2015, which will get its support extended to October 2025, when the OS reaches its end of life. No recompiling or retargeting after move to 4.6.2 or later .NET developers are recommended to migrate their applications to at least .NET Framework 4.6.2 or later before April 26, 2022, to continue receiving security updates and technical support. Developers who haven’t already deployed .NET Framework 4.6.2 or later versions of their apps are only required to update the runtime on which the apps are running to at least version 4.6.2 to stay supported. .NET Framework 4.6.2 (shipped almost five years ago) and .NET Framework 4.8 (shipped two years ago) are both stable runtimes and compatible in-place replacements already “broadly deployed to hundreds of millions of computers via Windows Update (WU).” “If your application was built to target .NET Framework 4 – 4.6.1, it should continue to run on .NET Framework 4.6.2 and later without any changes in most cases,” Damkewala added, without a need to recompile or retarget. “That said, we strongly recommend you validate that the functionality of your app is unaffected when running on the newer runtime version before you deploy the updated runtime in your production environment.” Retired after switch to SHA-2 signing Microsoft is retiring these .NET Framework versions because they are digitally signed with certificates that use the legacy SHA-1 cryptographic hashing algorithm, which is now insecure. Security researchers released a report in 2015 on SHA-1’s vulnerability to collision attacks that could enable threat actors to forge digital certificates to impersonate companies or websites. These forged digital certificates can be used to spoof companies, add legitimacy to phishing messages, or in man-in-the-middle attacks to snoop on encrypted network sessions. Starting next month, on May 9, all major Microsoft services and processes (including code signing, file hashing, and TLS certificates) will use the SHA-2 algorithm exclusively. Microsoft also retired all Windows-signed SHA-1 content from the Microsoft Download Center in August 2020, after changing the signing of Windows updates to use the SHA-2 algorithm one year before. It’s also important to note that, although Microsoft only supports SHA-2-signed content for official content, Windows executables signed using manually installed enterprise or self-signed SHA-1 certificates can still run in the operating system. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only The Best Internet & e-Mail Security Suite 2021      

A Microsoft 365 outage is preventing Exchange Online users from sending and receiving emails, with messages being stuck in transit and not reaching the recipients’ inboxes. “We’re investigating a potential issue with Exchange Online mailflow in North America,” Microsoft shared on the company’s Microsoft 365 Status Twitter account. “Further information can be found under EX252124 in the admin center,” the company added, with the last update saying that Redmond is monitoring telemetry to find the source of this ongoing issue. The Microsoft 365 Service health status page is currently directing customers to the Microsoft 365 Status Twitter account for more insight regarding this incident. Office 365 users report seeing “Temporary server error. Please try again later” MX errors and experiencing SMTP issues across Microsoft 365 tenants. Exchange Online was also knocked down by a widespread authentication outage last month blocking users from logging into their accounts and caused by an Azure Active Directory (Azure AD) configuration issue. Last month’s massive outage impacted multiple other Microsoft services at the time besides Exchange Online, including Microsoft Teams, Forms, Xbox Live, Intune, Outlook.com, Office Web, SharePoint Online, OneDrive for Business, Yammer, and more. In September, Microsoft customers experienced another worldwide outage showing “transient” errors and knocking down Office 365 and related services, including Microsoft Teams, Office.com, Power Platform, and Dynamics365. Update 1: Microsoft says that the outage is caused by a load balancing configuration issue. “Our preliminary investigation has determined impact is being caused by a load balancing configuration issue,” Microsoft said. “This occurs when a call to validate inbound mail is received. This call is being duplicated, creating a spike in utilization.” “We’re working to restore the underlying database infrastructure to remediate impact. Emails were queued for delivery and the service will automatically retry deliveries once the underlying database infrastructure has recovered. Users will not need to resend the impacted emails.” Update 2: Exchange Online mailflow has been restored. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only The Best Internet & e-Mail Security Suite 2021  

Some Windows 10 users have issues with DNS resolution after installing the latest Windows 10 cumulative updates released this week. As part of this week’s April 2021 Patch Tuesday, Microsoft released the Windows 10 KB5001330 & KB5001337 cumulative updates to fix various security vulnerabilities and bugs discovered in the operating system. Since installing the updates, some corporate users have reported having issues with DNS resolution that prevent access to shared folders on servers when trying to access them by the server’s name. If attempting to access the shared folder via the server’s IP address, users can properly connect to the shared folders. To access shared folders again, admins had to uninstall the cumulative update, which is not a good solution as it removes security fixes. After users began reporting the issue on forum, users determined that many affected users are using the Dentrix Dental Practice Management software in their offices. A longstanding support recommendation for Dentrix customers to reduce network lag has been to disable multicase name resolution (LLMNR) on Windows workstations.  This is done by enabling the ‘Turn off multicast name resolution’ group policy under Computer Configuration > Administrative Templates > Network > DNS Client. However, since installing the latest cumulative updates, this policy prevents users from accessing their shared server folders.  Dentrix has acknowledged the issue and stated that after coordinating with Microsoft, disabling this group policy is the recommended way to resolve this issue. “After working with Microsoft, we believe that we have found a solution that allows you to keep the critical Microsoft Security Update installed. It appears that this issue can be resolved by enabling “Link Layer Multi-cast Name Resolution” (LLMNR). This is a Windows Group Policy that many users have disabled over the years. Re-enabling it seems to restore proper IP Address resolution which in turn restores connectivity to the Dentrix Database. To enable LLMNR, follow the steps below.” To disable the policy (enable LLMNR) and fix the DNS resolution issues, the recommended steps are: Go to Start>Run and type GPEdit.msc      This should open the Local Group Policy Editor. Use the Group Policy Editor to navigate to Local Computer Policy>Computer Configuration>Administrative Template>Network>DNS Client. Double-Click “Turn Off Multicast Name Resolution.”  Mark the radio button labeled “Disabled.” Click Apply and OK.  Open a Windows Command Prompt Window (Start>Cmd.exe) and enter the command ipconfig /flushdns . Dentrix customers do not see this as an adequate solution as LLMNR could cause lag while using the software. Instead, they recommend users add the affected server’s name and IP address to the HOSTS file, which seems to fix the issue. “Enabling Multicast is definitely not an option for Dentrix due to slowness. Microsoft needs to release a fix asap. Best resolution we have found so far is the host file fix, the DNS service fix hasn’t fixed any of them yet for us but was reported by someone else as a fix.” – a Dentrix customer posted to our forums. This bug is not related solely to Dentrix users but instead to whoever has LLMNR disabled, which for the most part, has been Dentrix customers who were told to disable it.  While it is unknown what caused this bug, Microsoft fixed two DNS vulnerabilities [1, 2] this month that may have contributed to this abnormal behavior. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only  

Microsoft has addressed a known issue causing memory or disk space errors when opening some documents using Microsoft Word, Microsoft Excel, or other Microsoft Office apps. This known issue only affects customers who have installed Microsoft Office apps from the Microsoft Store and are trying to open an Office document that triggers the Protected View feature. Protected View is an Office feature that opens documents in read-only mode and disables most editing functions for documents received as email attachments or opened from an unsafe location (the Internet, someone else’s OneDrive storage, etc.). Only customers using Microsoft Office on devices running Windows 10, version 20H2 or Windows 10, version 2004 are impacted by this known issue. Users encountering this issue will see a “Microsoft Excel cannot open or save any more documents because there is not enough available memory or disk space” error. Microsoft has resolved the issue using Known Issue Rollback (KIR), a Windows 10 capability Redmond uses to revert buggy non-security fixes delivered through Windows Update.   The fix is rolling out to all affected customers, but it might take up to 24 hours to propagate to all non-managed Windows systems. If you want to apply the fix faster, restarting the device might help according to the known issue’s entry on the Windows 10 Health dashboard. “For enterprise-managed devices that have installed an affected update and encountered this issue, it can be resolved by installing and configuring a special Group Policy,” Microsoft added. “Devices need to be restarted after configuring the special Group Policy. To find out more about using Group Policies, see Group Policy Overview.” Fix for Windows 10 printing crashes in the works  Microsoft is also working on resolving a known issue causing blue screen errors on Windows 10 computers printing to some network printers after installing the March 2021 cumulative updates Redmond confirmed the issue behind system crashes on devices running Windows 10 1803 or later after BleepingComputer reported a wave of user complaints regarding system crashes when printing. The company has also shared a temporary fix for the Windows 10 printing crashes, which requires enabling Direct Printing or applying the PrinterIsolationAware fix to affected apps. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only          

The Windows 10 KB5000802 and KB5000808 cumulative updates released yesterday are causing Blue Screen of Death crashes when printing to network printers. Yesterday, Microsoft released the Windows 10 KB5000802 and KB5000808 cumulative updates as part of the March 2021 Patch Tuesday. Since then, there has been a constant stream of complaints that printing is causing Windows 10 to crash with an “APC_INDEX_MISMATCH for win32kfull.sys” blue screen of death crash. According to posts by system administrators on Reddit [1, 2], the Windows 10 crashes began immediately after installing yesterday’s KB5000802 and KB5000808 updates and attempting to print. “Hey Jen, several folks over in r/sysadmin, myself included, are seeing a BSOD post-update (on at least Win10 20H2 so far) when sending print jobs to any Windows Server printer share using a type 3 Kyocera KX driver. (i.e., type 4 KX driver and other generic type 3/4 drivers don’t exhibit the issue),” one Reddit user posted. “KB5000802 broke all Kyocera printing at one of my clients. BSOD’s in the same style as the problem with printing back in June 2020,” confirmed another user, while stating that none of the normal fixes appear to be working. Some of the printer brands known to be affected, include Kyocera, Ricoh, and Dymo. This indicates that Microsoft has pulled the updates from Windows Update while they look into the issues. However, the updates are still available via the Microsoft Update Catalog. Furthermore, some of our machines are being offered the KB4601382 Preview cumulative update released on February 24th, but not yesterday’s KB5000802 update, indicating that a security update is likely causing the crashes. Yesterday, Microsoft released two security updates, tracked as CVE-2021-1640 and CVE-2021-26878, to fix a privilege elevation vulnerability in the Windows Print Spooler. Microsoft does not include security updates in the Preview cumulative update offered last month, which is likely why users did not experience the same crashes when printing. During the June 2020 Patch Tuesday updates, a bug was also introduced that prevented users from printing. To resolve these printing issues, Microsoft released out-of-band updates for Windows users. How to fix the win32kfull.sys crashes when printing Unfortunately, attempts to fix the issue by upgrading printer drivers have been mainly unsuccessful. Instead, Windows 10 users have been forced to uninstall the KB5000802 or KB5000808 updates for printing to work correctly again. If you are affected by the printing bug, you can uninstall the Windows 10 KB5000802 cumulative update by closing applications and opening a command prompt. In the command prompt, enter the following command: wusa /uninstall /kb:5000802 To uninstall the Windows 10 KB5000808 cumulative update, use this command instead: wusa /uninstall /kb:5000808 You can use this guide for more help uninstalling the updates. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only