For the past several months, different groups of attackers have distributed malware through Microsoft Office documents that contain malicious macros, reviving a technique that has been out of style for over a decade.
Macros are scripts that contain commands for automating tasks in various applications. Microsoft Office programs like Word and Excel support macros written in Visual Basic for Applications (VBA) and these can be used for malicious activities like installing malware.
An online group has released what it claims is the software development kit (SDK) for Microsoft's Xbox One console and according to reports may have access to games from Halo developers 343 Industries.
The leakers released the kit over the festive break to encourage researchers to develop exploits required to gain full control of the consoles.
Internet Explorer and Exchange Server top the list of Microsoft programs needing to be patched by IT administrators this month, now that the company has rolled out its latest round of "Patch Tuesday" security fixes.
Overall, Microsoft has issued seven security bulletins for December, including three that are critical, covering security vulnerabilities found in Windows (both the server and desktop editions), Office, Exchange Server, SharePoint Server and Internet Explorer.
After watching early footage of Microsoft's virtual assistant Cortana in Windows 10 (below), its impending takeover of the Microsoft Borg seems inevitable. There's a lot riding on Cortana, after all.
After being released in the U.S. earlier this year, it's now slowly rolling out across the globe. While an obvious response to Apple's Siri, Microsoft's devotion to Cortana is also a reminder of just how important these virtual assistants are becoming. It's as if Siri, Google Now, and Cortana will end up personifying the operating system wars.
Microsoft today announced it will release seven security updates on Tuesday, three of them critical, to patch Internet Explorer (IE), Windows, various pieces of the Office suite, and the SharePoint and Exchange server software.
The Exchange update was originally intended to ship last month, but Microsoft pulled it at the last minute because of a problem with the installer package for Exchange Server 2013.