Category: Microsoft

Jul 12 2018

Microsoft offers extended support for Windows, SQL 2008—but with a catch

(credit: Marcus W / Flickr)

Windows Server 2008 and 2008 R2, as well as SQL Server 2008 and 2008 R2, are due to move out of extended support over the next few years—SQL Server in July 2019 and Windows Server in January 2020. For organizations still using that software, this offers a few options: keep using the software and accept that it won't receive any more security updates, migrate to newer equivalents that are still supported, or pay Microsoft for a custom support contract to continue to receive security updates beyond the cutoff dates.

Today, Microsoft added a fourth option: migrate to Azure. Microsoft is extending the support window by three years (until July 2022 for SQL Server, January 2023 for Windows Server) for workloads hosted on Azure in the cloud. This extended support means that customers that make the switch to the cloud will receive another three years of security fixes. After those three years are up, customers will be back to the original set of choices: be insecure, upgrade, or pay for a custom support contract.

Microsoft isn't requiring customers to demonstrate that they have any kind of migration plan in place, and this support scheme incurs no additional costs beyond those already imposed by running software on Azure in the first place.

Read 2 remaining paragraphs | Comments

Apr 18 2018

Microsoft claims to make Chrome safer with new extension

Enlarge (credit: Chrome's unsafe content warning.)

Chrome already provides effective protection against malicious sites: go somewhere with a poor reputation and you'll get a big, scary red screen telling you that you're about to do something unwise. But Microsoft believes it can do a better job than Google, and it has released a Chrome plugin, Windows Defender Browser Protection, that brings its own anti-phishing protection to Google's browser.

Microsoft justifies the new plugin with reference to a 2017 report that claims that the company's Edge browser blocked 99 percent of phishing attempts, compared to 87 percent by Chrome and 70 percent in Firefox. The plugin brings Edge's protection to Chrome, so if the theory holds, it should bump the browser up to 99 percent, too.

The new extension doesn't appear to disable Chrome's own checking (or at least, it doesn't seem to be doing so for me), so at the very least isn't likely to make you less safe, and with phishing being as widespread as it is, the extra protection probably doesn't hurt.

Read 1 remaining paragraphs | Comments

Apr 18 2018

Microsoft claims to make Chrome safer with new extension

Enlarge (credit: Chrome’s unsafe content warning.)

Chrome already provides effective protection against malicious sites: go somewhere with a poor reputation and you’ll get a big, scary red screen telling you that you’re about to do something unwise. But Microsoft believes it can do a better job than Google, and it has released a Chrome plugin, Windows Defender Browser Protection, that brings its own anti-phishing protection to Google’s browser.

Microsoft justifies the new plugin with reference to a 2017 report that claims that the company’s Edge browser blocked 99 percent of phishing attempts, compared to 87 percent by Chrome and 70 percent in Firefox. The plugin brings Edge’s protection to Chrome, so if the theory holds, it should bump the browser up to 99 percent, too.

The new extension doesn’t appear to disable Chrome’s own checking (or at least, it doesn’t seem to be doing so for me), so at the very least isn’t likely to make you less safe, and with phishing being as widespread as it is, the extra protection probably doesn’t hurt.

Read 1 remaining paragraphs | Comments

Apr 16 2018

Intel, Microsoft to use GPU to scan memory for malware

Intel Skylake die shot. (credit: Intel)

Since the news of the Metldown and Spectre attacks earlier this year, Intel has been working to reassure the computer industry that it takes security issues very seriously and that, in spite of the Meltdown issue, the Intel platform is a sound choice the security conscious.

To that end, the company is announcing some new initiatives that use features specific to the Intel hardware platform to boost security. First up is Intel Threat Detection Technology (TDT), which uses features in silicon to better find malware.

The company is announcing two specific TDT features. The first is "Advanced Memory Scanning." In an effort to evade file-based anti-virus software, certain kinds of malware refrain from writing anything to disk. This has can have downsides for the malware—it can't persistently infect a machine and, instead, has to reinfect the machine each time it is rebooted—but makes it harder to spot and analyze. To counter this, anti-malware software can scan system memory to look for anything untoward. This, however, comes at a performance cost, with Intel claiming it can cause processor loads of as much as 20 percent.

Read 6 remaining paragraphs | Comments