Microsoft   147526

« earlier    

Mio - Keep your teams in sync
Cross platform interop for Microsoft Teams, Cisco and Slack.
slack  collaboration  microsoft  interoperability 
yesterday by esinclai
Google, Microsoft work together for a year to figure out new type of Windows flaw | Ars Technica
Researcher finds building blocks for privilege escalation: Can they be assembled to create a flaw?
microsoft  security 
yesterday by jeffhammond
Partner Center Analytics - Partner Center app developer | Microsoft Docs
The Analytics API allows you to programmatically access data that is being presented in the User Experience.
microsoft  CSP  API 
yesterday by andyhuey
What to try if you can't install or activate Office for Mac - Office Support
You can find troubleshooting steps for common installation or activation issues for Office for Mac here.
office  office2016  reference  kbase  troubleshooting  activationerror  fix  office2019  howto  microsoft 
2 days ago by ferdinandfuchs
Google, Microsoft work together for a year to figure out new type of Windows flaw | Ars Technica
Researcher finds building blocks for privilege escalation: Can they be assembled to create a flaw?
One of the more notable features of Google Project Zero's (GPZ) security research has been its 90-day disclosure policy. In general, vendors are given 90 days to address issues found by GPZ, after which the flaws will be publicly disclosed. But sometimes understanding a flaw and developing fixes for it takes longer than 90 days—sometimes, much longer, such as when a new class of vulnerability is found. That's what happened last year with the Spectre and Meltdown processor issues, and it has happened again with a new Windows issue.
Google researcher James Forshaw first grasped that there might be a problem a couple of years ago when he was investigating the exploitability of another Windows issue published three years ago. In so doing, he discovered the complicated way in which Windows performs permissions checks when opening files or other secured objects. A closer look at the involved parts showed that there were all the basic elements to create a significant elevation of privilege attack, enabling any user program to open any file on the system, regardless of whether the user should have permission to do so. The big question was, could these elements be assembled in just the right way to cause a problem, or would good fortune render the issue merely theoretical?
The basic rule is simple enough: when a request to open a file is being made from user mode, the system should check that the user running the application that's trying to open the file has permission to access the file. The system does this by examining the file's access control list (ACL) and comparing it to the user's user ID and group memberships. However, if the request is being made from kernel mode, the permissions checks should be skipped. That's because the kernel in general needs free and unfettered access to every file.
google  security  microsoft  windows  bug  research 
2 days ago by rgl7194
Open Enclave SDK
Some bits for making Trusted Execution Environments a little easier with current support for Intel SGX and future support for ARM TrustZone.
microsoft  openenclave  intel  sgx  security 
2 days ago by rcrowley

« earlier    

related tags

(20h1)  10  18855  1980s  2018  2019  365  64  84  a11y  accelerator  accessibility  activationerror  activedirectory  addons  advertising  advice  ahead  ai  amazon  android  anonymous  antitrust  apache  api  app  apple  architecture  article  athentication  automation  az-203  azure  backorifice  backup  bbs  benedictevans  betoorourke  bill-gates  biotech  blog  book  browser  browsers  bug  build  business  calculator  cdc  certification  china  chrome  cicd  classroom  client  cloud  code  codec  collaboration  comparison  competition  competition_law  compression  computer-vision  computing  core  crime  critcode  csharp  csp  culture  data  database  design  devops  directx  discovered  docker  documentation  dos  dotnet  dtrace  dylanscott  edge  editor  elizabeth_warren  email  endoflife  esri  ethics  example  excel  exchange  extensions  f#  facebook  fcc  files  firefox  fix  fixes  flow  for  foss  foxconn  fridayfrontend  funny  fwa  gadgetluv  gamedev  games  geneediting  git  github  google  googlechrome  googledocs  government  graphics  guidance  guide  guides  gzip  hackers  hacktivism  hardware  history  howto  hsk  http  ide  ie  implementation  includes  insider  intel  internet  interoperability  interviews  iot  is  issue  japan  java  javascript  josephmenn  kbase  language  learning  legal  lego  library  lithuanian  mac  machine-learning  macos  march  microsoft-flow  microsoft  migration  minecraft  mirroring  mobile.app  monopoly  ms  msdos  mswindows  natural.interface  news  notes  ntlm  nytimes  office  office2016  office2019  office365  on  open-source  openenclave  opensource  operatingsystem  opinion  oracle  os  outlook  over  ovum  package  pandoc  parkinsons  parse  parsing  patch  pc  pcs  people  performance  php  platform  positive  powerapps  powerplatform  privacy  programming  proprietary  pwa  python  react  read  recommend  recommendation  reference  registration  release  releases  research  reviews  royalties  rss  rtl  runbook  russian  safari  samsung  sap  scientology  screen  security  service  sgx  sharepoint  sharing  skip  slack  smartphone  social.media  socialmedia  socialnetwork  software  sql  sqlserver  ssdt  standards  stats  storage  store  strategy  studio  style  suing  surface  sysadmin  system-integration  technology  teens  telemetry  testing  the  tips  to  tolearn  totry  totwitter  tounderstand  train  troubleshooting  tuesday  tutorial  tvws  typescript  unit  unpaid  updates  upwork  users  ux  visual-studio  visual  visual_studio  visualstudio  vox  vscode  vulnerabilities  web  webdesign  webdevelopment  webmail  windows-10  windows  windows10  with  word  work  workflow  writing  xbox  xlsx  xml  xp10  zlib 

Copy this bookmark:



description:


tags: