Microsoft

Microsoft has urged Windows Vista and Windows 7 users to disable desktop accessories in the operating systems as a security measure.

The software giant said in a security advisory that the insecure Gadgets feature in the systems can execute arbitrary code as well as access user data.

Users logged on as administrator, guest or power user could unwittingly allow rogue Gadgets to run any code it wants at that security level, and take complete control over the system, according to Microsoft.

Backing up your data is an important task that most of us neglect to do. Windows has included backup software of some kind for a long time now, but few people actually use it, because they forget, or don't understand it, or don't know it's there, or simply can't be bothered.

Microsoft's latest attempt to get Windows users to back up their files is Windows 8's File History. File History is an automatic point-in-time backup system that periodically saves snapshots of your data to a separate location (either a network file share or a directly attached hard disk).

A new Web-based social engineering attack that relies on malicious Java applets attempts to install backdoors on Windows, Linux and Mac computers, according to security researchers from antivirus vendors F-Secure and Kaspersky Lab.

The attack was detected on a compromised website in Colombia, F-Secure senior analyst Karmina Aquino, said in a blog post on Monday. When users visit the site, they are prompted to run a Java applet that hasn't been signed by a trusted certificate authority.

A security firm says it has spotted malware from China dubbed the Warp Trojan that takes a totally new approach: After infecting a vulnerable Windows computer, it pretends to be a router and tells the real local subnet router to send traffic for other networked computers to the infected machine, so the malware can then try to compromise the other computers through a man-in-the-middle attack.

Microsoft on Tuesday issued nine security bulletins to address three "critical" and six "important" security issues.

The patches righted 16 flaws in Windows, Internet Explorer, Office, SharePoint, and Visual Basic for Applications.

Microsoft today confirmed that it will patch a vulnerability in Windows next week that has been exploited by an increasing number of attacks.

Initially, experts wondered whether Microsoft would patch the XML Core Services (MSXML) vulnerability in Windows that it first acknowledged June 12, but failed to fix even as attacks leveraging the flaw steadily ramped up.

French tax authorities have visited the headquarters of Microsoft France to conduct an inspection, a spokesman for the company confirmed Wednesday.

The visit, last Thursday, was a routine check, according to a statement on the company's website.

Microsoft has named two of the 39 defendants it is suing for their alleged role in operating the Zeus botnet.

According to an amended civil complaint filed last week in U.S. District Court in Brooklyn, Microsoft named Yevhen Kulibaba and Yuriy Konovalenko as defendants. The other defendants remain listed as "John Does."

Walking the floor at Microsoft’s conference center in Redmond yesterday for the conclusion of the three-month Kinect Accelerator startup program, it was remarkable to see not just tech demos but full-fledged companies being built on the company’s Kinect sensor.

Nconnex uses Kinect to recreate a room on screen, letting people see how furniture would look and fit in their space.

    A Los Angeles-based startup called Styku has struck a deal to pilot its Kinect-powered virtual fitting room technology with a major retailer, a key step toward a broader rollout.

The richest and biggest software company in the world still won’t pay researchers for disclosing vulnerabilities despite a growing number of its peers opting to do so.

Microsoft thinks bug bounties are superfluous: its Microsoft Security Response Centre (MSRC) team were constantly inundated with free vulnerability reports from researchers looking for fame, not fortune.