English - French - Italian

Microsoft

Dual-Boot Linux broken after Windows security update

Peter • Sunday, August 25, 2024 • 2 mins read (397)

The issue: A monthly Windows update pushed on August 13 has disrupted dual-boot systems running both Windows and Linux. The update, released on August 13, aimed to fix a two-year-old vulnerability (!) (CVE-2022-2601) related to the GRUB bootloader but, according to Microsoft, inadvertently caused boot failures for many users: "

Microsoft

MFA mandatory for Azure services, soon

Peter • Friday, August 23, 2024 • 2 mins read (258)

The good intention: Microsoft will implement mandatory multi-factor authentication (MFA) for all Azure services starting October 2024. This move aims - of course - to enhance security by ensuring that users verify their identity through multiple methods before accessing services.

Microsoft

Simple CSS can be used to bypass anti-phishing Outlook warning...

Peter • Wednesday, August 7, 2024 • 2 mins read (278)

The issue: To help user to pay better attention to email from unfamiliar addresses, Microsoft 365 add a warning to the email stating “You don't often get email from xyz@example.com. Learn why this is important”.

Microsoft

New Outlook flaw: MonikerLink

Peter • Monday, February 19, 2024 • 1 min read (171)

The good: Microsoft Outlook attachments and links cannot be downloaded by default to prevent exploit (let say a malicious script execution). A (wellknown) readonly feature called Office Protected View. So, in theory, an attacker would be happy if you double click (but a warning will appear from Office Protected View), and then click again to unlock Office Protected View.