Update: Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’

Zerologon flaw is one of the critical matters discussed recently. Microsoft has decided to take this matter into its own hands as companies have not yet updated their systems to address Zerologon flaw.

After careful consideration and investigation, the tech giant – Microsoft has decided that from Feb 9, it will by default block vulnerable connections on devices that could be used to exploit the flaw. Some of the Microsoft’s Active Directory domain controllers are prone to be affected by Zerologon flaw.

Domain controllers of Microsoft Active Directory will respond to authentication requests and verify users on computer networks.

A successful exploitation of the Zerlogon flaw will allow unauthenticated attackers with network access to Active Directory’s domain controllers to completely compromise all Active Directory identity services.

The new initiative taken by Microsoft in which Domain Controller enforcement mode is implemented that “will block vulnerable connections from non-compliant devices,”.

Domain Controller enforcement mode requires that all Windows and non-Windows devices use secure RPC with Netlogon secure channel.

Unless customers have explicitly allowed the account to be vulnerable by adding an exception for the non-compliant device.

Secure RPC is an authentication method that authenticates both the host and the user who is making a request for a service.

This new implementation is an attempt to block cybercriminals from gaining network access to domain controllers.

Unauthorized access will eventually be used to exploit the Zerologon privilege-escalation glitch (CVE-2020-1472).

The Zerologon flaw, with a critical-severity CVSS score of 10 out of 10, was first addressed in Microsoft’s August 2020 security updates.

Starting Feb. 9, Microsoft said it will enable domain controller “enforcement mode” by default, a measure that would help mitigate the threat.

Considering the current situation of the internet and cybercrimes, this implementation would help businesses and individuals to minimize the risk of hacking.

If your business is looking for secure file transfer services that ensures your critical information is secure then, avail FTP Hosting services from IT Company.

Share it on Social Media:

Millions Switch to Telegram and Signal after the Big Update by WhatsApp

Due to privacy concerns and growing anxiety over the power of the biggest tech companies, encrypted messaging services have become the world’s hottest apps.

People all over the world use mobile applications for nearly every purpose, starting from messaging, games, services to online banking and much more.

Millions have moved to Signal and Telegram due to recent changes by WhatsApp. Over the past week, millions of people have downloaded both apps highlighting huge hike in its usage.

Signal just like WhatsApp allows messages to be sent with “end-to-end encryption,” meaning only the sender and receiver can read the content.

Telegram on the other hand, offers some encrypted messaging options, but is popular for its special feature of group-based chat rooms where people can communicate and talk about several topics.

WhatsApp’s new update resulted in mass migration that, if it keeps happening, could weaken the power of Facebook and other big tech companies.

On Tuesday, according to Telegram more than 25 million users were added over the previous three days, pushing it to over 500 million users.

According to estimates from Apptopia, On Monday alone, nearly 1.3 million users were added on Signal.

Nearly all of Signal’s new user adoption is coming from outside the United States. As of Wednesday, the company said it was the No. 1 app in 70 countries on iOS devices and in 45 countries on Android devices, with India being one of the biggest areas of new user growth.

For both Signal and Telegram, new installations came from users in Indonesia, Mexico, Brazil and dozens of other countries, based on data from Apptopia.

Even for businesses WhatsApp is a popular app for marketing purposes, but due to this new privacy user update. They are already looking for alternatives to spread their word.

IT Company Australia allows you to send SMS messages from the web to a mobile device without any efforts to install an application or integration. Our SMS service is highly useful for SMB or enterprise businesses to send online notifications to their employees and customers using API, Email or from their website.

Share it on Social Media:

US Govt Warns Chrome Users to Update Chrome or Risk Remote Takeover!

The new version of chrome includes 16 new security fixes.

The United States Cyber and Infrastructure Security Agency – CISA recently issued an alert for all Chrome users to update their web browsers to address vulnerabilities.

This particular concern can be easily exploited by attackers to take control of computers.

According to Google, Chrome Stable version 87.0.4280.141 is being rolled out for Microsoft Windows, Apple macOS and Linux distributions, and contains 16 security fixes.

Out of all these fixes, 15 are rated as high severity, with the most serious vulnerabilities. These high severity security fixes are allowing remote code execution in the privilege context that Chrome is already running in.

The vulnerabilities include seven use-after-free memory corruption bugs, including one in the Blink rendering engine.

Also, an out-of-bounds-write vulnerability in the V8 Javascript engine.

The V8 CVE-2020-15995 bug could be easily exploited via a specially crafted web page to cause memory heap corruption, as reported last month.

While the awards for the V8 and the CVE-2021-21115 use-after-free in Safe Browsing bugs are yet to be determined.

It is noticeable that Google paid out US$111,000 in bug bounties to other researchers reporting vulnerabilities in Chrome.

With IT Company you can have web applications according to your requirements. Take your business to a whole new level with our app’s development team, highly skilled in Mobile Apps, Website and desktop software development, and a variety of programming services such as XML, JSON API, SQL, JAVA, .Net, MVC, Entity framework and much more. We have a pool of highly talented individuals with years of experience in customized application development across Windows 10, iPhone, Cloud and Network Based Platforms.

IT Company provides;

  • Microsoft Technologies
  • Web Application Development
  • Open Source Technologies
  • PHP MySQL Web Application Development
  • Open Source Applications

Explore our website in order to find out more about our IT Services and Solution.

Share it on Social Media:

New Microsoft Teams Updates are live Now!

It looks like 2021 is going to be all about new updates in almost every digital product and platform. Microsoft Teams users will be witnessing many new useful updates this year.

New updates are seen as one of the many useful updates, introducing some amazing new features. One of the biggest updates is support for virtual breakout rooms, this feature will enable meeting organizers to set up different rooms or groups for individuals to brainstorm before re-joining a larger session.

This feature is currently only available in Government environments but is expected to launch for other Teams users in the coming weeks.

Another very useful feature that is being recently introduced is the five-minute advance notification of a meeting and a pre-join experience. This feature will enable users to check all the settings including audio, video and some improvements to video playback performance.

Apart from this, IT Consultants have been constantly working to develop smart collaborative environment that can boost company’s performance eventually.

More updates on the way

Another cool features that is being introduced is real-time translation for several languages including; French, Russian, Italian, Hindi, and more.

In addition to the above updates, Cortana will now allow individuals to join and manage meetings with voice controls. As, we all know that Microsoft Teams Integration have been very useful in collaboration and communication among businesses in this world Pandemic i.e., Coid-19.

Microsoft has said that in addition to the new features confirmed in its December update, it is also working on several other additions, including a new history menu and an enhanced search experience. Expect those features, as well as others that have yet to be announced, to appear at some point in 2021.

Share it on Social Media:

New web-based Outlook app for Windows and Mac by Microsoft

Microsoft has always been able to win the game in the tech market and is able to deliver amazing products.

MS Office 365 is one of the widely used tool in the business world.

MS Office 365 is a powerful cloud-based Microsoft Office solution, which combines communication, security features and collaboration at a very affordable cost.

With MS Office 365 you can communicate from anywhere and can do your work securely. It improves productivity and helps you to build your business. It helps you to save Time and Money and get worry free IT service.

Now, it is being reported that Microsoft is planning to launch a universal Outlook client based on the web app.

According to some reports, the Universal Web App will eventually replace all the traditional default Mail and Calendar apps on Windows 10.

It is expected that by the end of this year 2021 – Microsoft will preview Monarch with the aim to replace Mail & Calendar apps on Windows 10 in 2022.

It is expected that Monarch will include OS integrations such as offline storage, share targets, notifications, and more.

The early version of this app is only accessible to internal users of Microsoft who have Microsoft account. It is not yet available for all users to test it.

Let’s hope to see a better version of Outlook by the end of this year!

Share it on Social Media: