Windows 365: Why I am excited about this Microsoft Offering! 🔥

Windows 365: Windows 365 combines the power and security of the cloud with the versatility and simplicity of the PC. The only thing is the pricing and the online streaming experience. We have already seen RDPs and Virtual Desktops but this time it seems to be a bit different as this thing is from Microsoft! I hope this will add some value to our development workflow!

#developer #windows #microsoft

What is GEEK

Buddha Community

Windows 365: Why I am excited about this Microsoft Offering! 🔥

Windows 365: Why I am excited about this Microsoft Offering! 🔥

Windows 365: Windows 365 combines the power and security of the cloud with the versatility and simplicity of the PC. The only thing is the pricing and the online streaming experience. We have already seen RDPs and Virtual Desktops but this time it seems to be a bit different as this thing is from Microsoft! I hope this will add some value to our development workflow!

#developer #windows #microsoft

Brain  Crist

Brain Crist


Microsoft Fixes RCE Flaws in Out-of-Band Windows Update

Microsoft has issued out-of-band patches for two “important” severity vulnerabilities, which if exploited could allow for remote code execution.

One flaw (CVE-2020-17023) exists in Microsoft’s Visual Studio Code is a free source-code editor made by Microsoft for Windows, Linux and macOS. The other (CVE-2020-17022) is in the Microsoft Windows Codecs Library; the codecs module provides stream and file interfaces for transcoding data in Windows programs.

“Microsoft has released security updates to address remote code execution vulnerabilities affecting Windows Codecs Library and Visual Studio Code,” according to a Friday CISA alert on the patches. “An attacker could exploit these vulnerabilities to take control of an affected system.”

According to Microsoft, one “important” severity flaw (CVE-2020-17022) stems from the way that Microsoft Windows Codecs Library handles objects in memory. This vulnerability has a CVSS score of 7.8 out of 10.

An attacker who successfully exploited the vulnerability could execute arbitrary code, according to Microsoft. While an attacker could be remote to launch the attack, exploitation requires that a program process a specially crafted image file.

Only customers who have installed the optional HEVC or “HEVC from Device Manufacturer” media codecs from Microsoft Store may be vulnerable. The secure Microsoft installed packed versions are 1.0.32762.0, 1.0.32763.0, and later.

“The update addresses the vulnerability by correcting how Microsoft Windows Codecs Library handles objects in memory,” according to Microsoft.

The other “important” severity flaw (which also has a CVSS score of 7.8 out of 10) exists in Visual Studio Code, when a user is tricked into opening a malicious ‘package.json’ file.

According to Microsoft, an attacker who successfully exploited this flaw (CVE-2020-17023) could run arbitrary code in the context of the current user. An attacker would first need to convince a target to clone a repository and open it in Visual Studio Code (via social engineering or otherwise). The attacker’s malicious code would execute when the target opens the malicious ‘package.json’ file.

“If the current user is logged on with administrative user rights, an attacker could take control of the affected system,” said Microsoft. “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

Microsoft’s update addresses the vulnerability by modifying the way Visual Studio Code handles JSON files.

In a Twitter thread, Justin Steven, who reported the flaw, said that the issue stems from a bypass of a previously deployed patch for an RCE flaw in Visual Studio Code (CVE-2020-16881).

#hacks #vulnerabilities #web security #cve-2020-17022 #cve-2020-17023 #microsoft #microsoft store #patch #patch tuesday #rce #remote code execution #visual studio code #windows #windows codecs library

Top Microsoft big data solutions Companies | Best Microsoft big data Developers

An extensively researched list of top Microsoft big data analytics and solution with ratings & reviews to help find the best Microsoft big data solutions development companies around the world.
An exclusive list of Microsoft Big Data consulting and solution providers, after examining various factors of expert big data analytics firms and found the equivalent matches that boast the ace qualities with proven fineness in data analytics. For business growth and enterprise acceleration getting inputs from the whole data of the organization have become necessary, thus we bring to you the most trustworthy Microsoft Big Data consultants and solutions providers for your assistance.
Let’s take a look at the List of Best Microsoft big data solutions Companies.

#microsoft big data solutions development companies #microsoft big data analytics and solution #microsoft big data consultants #microsoft big data developers #microsoft big data #microsoft big data solution providers

5 Best Attributes of Microsoft Dynamics 365 Business Central

Microsoft Dynamics 365 Business Central. In this article, we are going to talk about some of the best features that we have found in dynamics 365 business central.

  1. Outlook and Business Central: After one has integrated Microsoft Dynamics 365 Business Central with outlook, they can manage their complete customer-related activities without even leaving the personal inbox. When a client sends you an inquiry about anything you can analyze that and send a quote to the client directly from outlook. When the client approves it you will be able to make that and create an invoice to post again in Outlook. This makes the process simpler and eradicates the need of moving back and forth from one app to another.

  2. Microsoft Power BI and Dynamics 365 Business Central: Microsoft’s data analytics tool called Microsoft Power BI is cool in itself. The coolness of BI increases a lot when it is combined with Business central. The inputs of Power BI appear directly on the Dynamics 365 Business central page which eradicates the need of leaving the app to get a robust analysis. Not just this but Power BI has capabilities of collecting data from all the systems to give you a complete picture of your business in real-time. Even for simpler things like a transaction report or product details, the Power BI has the capability of procuring shots quickly.
    Power BI also helps to create smart reports and patterns to give an idea of the things that even the user was not aware of. The contents of Power BI can be exported directly into word or excel to create presentations.

  3. Default Artificial Intelligence: The inbuilt intelligence system of Microsoft Dynamics 365 Business central analyses various nitty-gritty of the business according to the need of the market effectively saving your energy and time. It also notifies you of ways to run the business efficiently. For example, if you want to reorder an item by making a PO it will provide you information of other low-cost products from the vendor so that you can include them in the PO too.

  4. Favourite Accounts: Based on your preferences, you can easily create a list of the accounts that you most often engage with. You can access it from any screen of Dynamics 365 Business Central.

  5. Role Centres: Role centres are just like the home screen where you can see options like quick action buttons, Key performance indicators, and navigation menus. According to your needs and your working patterns, Dynamics 365 Business central creates customized role centres for you.

Post Summary
Microsoft Dynamics 365 Business central is a robust system for business management. With its user-friendly interface and built-in intelligence systems, it creates a great customized experience for the users and ends up saving a lot of development cost and time.

Source Content:

#microsoft dynamics 365 business central #microsoft dynamics 365 #dynamics 365

Hollie  Ratke

Hollie Ratke


Majority of Microsoft 365 Admins Don't Enable MFA

Up to 78 percent of Microsoft 365 administrators do not have multi-factor authentication (MFA) security measures enabled.

A recent report by CoreView Research also found that 97 percent of all total Microsoft 365 users do not use MFA, shedding a grim light on the security issues inherent with the implementation of Microsoft’s subscription service. Launched in 2017, this service provides users with basic productivity applications – including Office 365, Windows 10 and Enterprise Mobility.

“This is a huge security risk – particularly during a time where the majority of employees are remote – that IT departments must acknowledge and address in order to effectively deter cyberattacks and strengthen their organization’s security posture,” according to the report, released last week.

Microsoft 365 accounts are a treasure trove for cybercriminals looking for sensitive organization data. Attackers typically targeting Microsoft 365 accounts email-based phishing or spear phishing attacks, automated credential stuffing, or guessing attacks. MFA is one of the best ways to prevent this type of unauthorized access to Microsoft 365, researchers said – with research from SANS Software Security Institute indicating that 99 percent of data breaches can be prevented using MFA.

However, the research reveals that Microsoft 365 users – and even admin accounts, with the highest level of permissions and oversight of data – are not doing their part to implement MFA for their accounts.

Overall, researchers found overarching issues with how Microsoft 365 is being implemented in companies. Beyond failing to implement basic security practices, researchers warned that organizations are giving administrators excessive controls (which results in increased access to sensitive information).

For instance, researchers found that 57 percent of global organizations have Microsoft 365 administrators with excess permissions to access, modify, share critical data – potentially giving them unnecessary access to private data and opening up risks for insider threats.

Another issue is that companies are investing in various productivity applications without consideration their security implications. While these apps help fuel productivity, unsanctioned “shadow IT” apps have varying levels of security unsanctioned apps represent a significant security risk. Shadow IT apps are SaaS applications that employees use, typically without IT’s permission or even knowledge.

“In today’s modern work environment, where supporting remote work is a must, CoreView’s data indicates that the missing ingredient in deploying and using M365 (Microsoft 365) effectively is often data governance, application security and Shadow IT oversight,” they said. “Enterprises must ensure they have the processes and tools, including CoreView, to help securely migrate and operate the world’s leading SaaS productivity platform.”

Security issues and attacks leveraging Microsoft 365 are rampant. In September, researchers said that bugs in the multi-factor authentication system used by Microsoft’s cloud-based office productivity platform, Microsoft 365, opened the door for hackers to access cloud applications via a bypass of the security system.

#cloud security #most recent threatlists #privacy #web security #admin #mfa #microsoft #microsoft 365. office 365 #multi factor authentication #security policy