Opinion

Cybercriminals exploit SVB collapse to steal money and data

By Bill Toulas March 14, 2023 11:55 AM

My thoughts: using Barracuda Complete Mail Protection in front of O365 or G-suite is very inexpensive compared to your complete network or computers being taken down with malware.

The collapse of the Silicon Valley Bank (SVB) on March 10, 2023, has sent ripples of turbulence throughout the global financial system, but for hackers, scammers, and phishing campaigns, it’s becoming an excellent opportunity.

As multiple security researchers report, threat actors are already registering suspicious domains, setting up phishing pages, and gearing up for business email compromise (BEC) attacks.

These campaigns aim to steal money, steal account data, or infect targets with malware.

SVB going defunct

SVB was a U.S.-based commercial bank, the 16th largest in the country, and the largest bank by deposits in Silicon Valley, California.

On March 10, 2023, the bank failed after a run on its deposits. This failure was the largest of any bank since the 2007-2008 financial crisis and the second-largest in U.S. history.

This event has impacted many businesses and people in the technology, life science, healthcare, private equity, venture capital, and premium wine industries who were customers of SVB.

The chaotic situation is further worsened by the prevailing elements of urgency, uncertainty, and the significant amounts of money deposited at the bank.

Scammers jump at the opportunity

Security researcher Johannes Ullrich reported yesterday that threat actors are jumping at the opportunity, registering suspicious domains related to SVB that are very likely to be used in attacks.

Some of the examples given in a report published on the SANS ISC website include:

login-svb[.]com
svbbailout[.]com
svbcertificates[.]com
svbclaim[.]com
svbcollapse[.]com
svbdeposits[.]com
svbhelp[.]com
svblawsuit[.]com

Ullrich warned that the scammers might attempt to contact former clients of SVB to offer them a support package, legal services, loans, or other fake services relating to the bank’s collapse.

An attack already seen in the wild is from BEC threat actors who are impersonating SVB customers and telling customers that they need payments sent to a new bank account after the bank’s collapse.

However, these bank accounts belong to the threat actors, who steal payments meant to go to the legitimate company.

Cyber-intelligence firm Cyble published a similar report today exploring developing SVB-themed threats, warning about these additional domains:

svbdebt[.]com
svbclaims[.]net
svb-usdc[.]com
svb-usdc[.]net
svbi[.]io
banksvb[.]com
svbank[.]com
svblogin[.]com

Many of these sites were registered on the day of the bank’s collapse, March 10, 2023, and are already hosting cryptocurrency scams.

These scam pages tell SVB customers that the bank is distributing USDC as part of a “payback” program.

“March 13 2023 – Silicon Valley Bank is actively distributing USDC as part of the SVB USDC payback program to eligible USDC holders. USDC payouts can only be claimed once per wallet,” claims the cryptocurrency scam.

However, clicking on the site’s ‘Click here to claim’ button brings up a QR code that attempts to compromise Metamask, Exodus, and the Trust Wallet crypto wallets when scanned.
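As a defensive illustration of the lookalike-domain pattern described above (an added example, not part of the original article): a Python check that refangs indicators, extracts hostnames from log lines, and flags any host containing the `svb` token outside an allowlist. The allowlist, the lure-word list, the log format and the `.example` hosts are assumptions of this example.

```python
import re

BRAND = "svb"            # token shared by every domain the article lists
ALLOWLIST = {"svb.com"}  # assumption: the only registrable domain treated as legitimate
# Lure words observed in the listed domains (matched as substrings).
LURES = ("login", "claim", "bailout", "deposit", "help", "lawsuit",
         "debt", "usdc", "collapse", "certificate")
HOST_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

# Constructed mail-gateway log lines (format and .example hosts are made up).
SAMPLE_LOG = [
    "2023-03-13 09:14 from=ar@vendor.example subj='New bank details' "
    "url=hxxps://svbclaim[.]com/form",
    "2023-03-13 09:20 from=news@svb.com subj='Update' url=https://www.svb.com/news",
    "2023-03-13 09:31 from=x@mailer.example url=https://svb.com.account-check.example/login",
    "2023-03-13 09:40 from=hr@corp.example url=https://intranet.corp.example/",
]


def refang(text):
    """Undo common defanging so indicators copied from reports can be matched."""
    return text.replace("[.]", ".").replace("hxxp", "http")


def registrable(host):
    """Naive eTLD+1 (last two labels); production code should use the Public Suffix List."""
    return ".".join(host.lower().split(".")[-2:])


def classify(host):
    """Return None for legitimate or unrelated hosts, else a dict describing the hit."""
    host = host.lower().rstrip(".")
    if registrable(host) in ALLOWLIST:
        return None                      # real domain or one of its subdomains
    squashed = host.replace("-", "")     # so "svb-usdc" and "login-svb" still match
    if BRAND not in squashed:
        return None
    lures = [w for w in LURES if w in squashed]
    return {"host": host, "lures": lures, "severity": "high" if lures else "review"}


def scan(lines):
    """Extract every hostname from each line and collect the brand lookalikes."""
    hits = []
    for line in lines:
        for host in HOST_RE.findall(refang(line)):
            hit = classify(host)
            if hit:
                hits.append(hit)
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The third sample line shows why the whole hostname is checked rather than only the registrable domain: the brand appears as a subdomain label of an unrelated domain.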

Article (https://www.bleepingcomputer.com/news/security/cybercriminals-exploit-svb-collapse-to-steal-money-and-data/)
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Axcient
“Where Service and Technical Skills Count”

Microsoft 365 outage takes down Teams, Exchange Online, Outlook

By Sergiu Gatlan January 25, 2023 04:11 AM

MspPortal Partners Comment: I hate to say this, but all companies are gluttons for punishment. Microsoft needs to stay in the software development space, not the hosting environment. Their support is one of the worst in the industry; they need to refund dollars for downtime.
There are much better products in the marketplace.

Microsoft is investigating an ongoing outage impacting multiple Microsoft 365 services after customers have reported experiencing connection issues.

“We’re investigating issues impacting multiple Microsoft 365 services. We’ve identified a potential networking issue and are reviewing telemetry to determine the next troubleshooting steps,” the Microsoft 365 team said in a Twitter thread.

“We’ve isolated the problem to networking configuration issues, and we’re analyzing the best mitigation strategy to address these without causing additional impact.”

According to Redmond, users across all regions currently being serviced by the impacted infrastructure may be unable to access the affected Microsoft 365 services.

The list of services impacted by this outage includes Microsoft Teams, Exchange Online, Outlook, SharePoint Online, OneDrive for Business, PowerBi, Microsoft 365 Admin Center, Microsoft Graph, Microsoft Intune, Microsoft Defender for Cloud Apps, and Microsoft Defender for Identity, as revealed in a service health notification.

We’re investigating issues impacting multiple Microsoft 365 services. More info can be found in the admin center under MO502273.
— Microsoft 365 Status (@MSFT365Status) January 25, 2023

The Azure team shared additional information related to this incident on the Microsoft Azure service status page.

“Starting at 07:05 UTC on 25 January 2023, customers may experience issues with networking connectivity, manifesting as network latency and/or timeouts when attempting to connect to Azure resources in Public Azure regions, as well as other Microsoft services including M365, PowerBI,” the update reads.

“We’ve determined the network connectivity issue is occurring with devices across the Microsoft Wide Area Network (WAN). This impacts connectivity between clients on the internet to Azure, as well as connectivity between services in datacenters, as well as ExpressRoute connections.

“The issue is causing impact in waves, peaking approximately every 30 minutes. We are actively investigating and will share updates as soon as more is known.”

At the moment, some customers also have issues loading the Microsoft Azure status page, which intermittently displays “504 Gateway Time-out” errors.

Article (https://www.bleepingcomputer.com/news/microsoft/microsoft-365-outage-takes-down-teams-exchange-online-outlook/)

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Axcient
“Where Service and Technical Skills Count”

Microsoft shares workaround for ongoing Outlook login issues

By Sergiu Gatlan October 28, 2022 02:57 PM

Microsoft is working on a fix for ongoing sign-in issues affecting some Outlook for Microsoft 365 customers and preventing them from accessing their accounts.

The login problems impact users trying to sign in to Outlook using their Outlook.com accounts or those who have already added the accounts to their Outlook profiles.

Instead of logging in, the users will see the following error messages asking them to use a work or school account: “You can’t sign in here with a personal account. Use your work or school account instead.”

While Microsoft says that the Outlook Team is working on a solution for this known issue, an official workaround is available for those who want to access their accounts until a fix rolls out.

“To work around the issue, you can turn off Support Diagnostics, which turns off the option to submit an In App ticket using Help and then selecting Contact Support. The bug is related to how Outlook is authenticating for the diagnostics in some situations,” Microsoft said.

To disable support diagnostics in Outlook and prevent it from communicating client information on failure to support services, you have to enable the DisableSupportDiagnostics policy setting.

“This policy setting determines if Outlook can communicate client information on failure to support services with the intent of diagnosing the issue or making the information available to support to help with the diagnosis/resolution of the issue and/or provide contextual error messaging to the user,” according to the Group Policy Administrative Templates Catalog.

Last week, Redmond said it was working to resolve another bug that might prevent users from configuring Exchange Online mailboxes in Outlook for Windows.

In early October, the company began rolling out a fix for another issue known since August that’s causing Outlook for Microsoft 365 to freeze and crash after launch.

Microsoft has also recently addressed a bug that triggered Outlook email client crashes when reading emails containing tables like Uber receipt emails.

Article (https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-workaround-for-ongoing-outlook-login-issues/)

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient
“Where Service and Technical Skills Count”

Google fixes seventh Chrome zero-day exploited in attacks this year

By Bill Toulas October 28, 2022 07:34 AM

I have warned more folks to get off this browser (Use Firefox with duckduckgo.com)

Google has released an emergency security update for the Chrome desktop web browser to address a single vulnerability known to be exploited in attacks.

The high-severity flaw (CVE-2022-3723) is a type confusion bug in the Chrome V8 JavaScript engine discovered and reported to Google by analysts at Avast.

“Google is aware of reports that an exploit for CVE-2022-3723 exists in the wild,” highlights the notice.

The company doesn’t provide many details about the vulnerability for security reasons, allowing Chrome’s user base enough time to update the web browser to version 107.0.5304.87/88, which addresses the problem.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google says.

“We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”

In general, type confusion vulnerabilities occur when the program allocates a resource, object, or variable using a type and then accesses it using a different, incompatible type, resulting in out-of-bounds memory access.

By accessing memory regions that shouldn’t be reachable from the context of the application, an attacker could read sensitive information of other apps, cause crashes, or execute arbitrary code.

Google does not clarify the level of activity involving the exploit that exists in the wild, so whether attacks using CVE-2022-3723 are widespread or limited is not known at this time.

Chrome users can update their browser by opening Settings → About Chrome → Wait for the download to finish → Restart the program.

Article (https://www.bleepingcomputer.com/news/security/google-fixes-seventh-chrome-zero-day-exploited-in-attacks-this-year/)

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient
“Where Service and Technical Skills Count”

Cybersecurity and Infrastructure Security Agency (CISA) – Defend Today, Secure Tomorrow

Microsoft Releases October 2022 Security Updates
10/11/2022 02:15 PM EDT

Original release date: October 11, 2022
Link (https://msrc.microsoft.com/update-guide/releaseNote/2022-Oct)

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Microsoft’s October 2022 Security Update Summary and Deployment Information and apply the necessary updates.

Meta warns 1 million Facebook users their login info may have been compromised

Naomi Nix - Washington Post
Fri, October 7, 2022 at 3:09 PM

Suggestion: folks in the IT industry, keep Facebook out of the company network. If they need it for marketing, get them another computer/laptop and keep it off the network. It's bad enough we have issues with Microsoft and Google for security issues. Facebook is a non-essential, my personal opinion.

Facebook parent Meta is warning 1 million users that their login information may have been compromised through malicious apps.

Meta’s researchers found more than 400 malicious Android and Apple iOS apps this year that were designed to steal the personal Facebook login information of its users, the company said Friday in a blog post. Meta spokesperson Gabby Curtis confirmed that Meta is warning 1 million users who may have been affected by the apps.

Meta said the apps they identified were listed in Apple’s app store and Google Play Store as games, photo editors, health and lifestyle services and other types of apps to trick people into downloading them. Often the malicious app would ask users to “login with Facebook” and later steal their username and password, according to the company.

“This is a highly adversarial space and while our industry peers work to detect and remove malicious software, some of these apps evade detection and make it onto legitimate app stores,” wrote Meta’s Threat Disruption Director David Agranovich, and Malware Discovery and Detection Engineer Ryan Victory.

Meta said it reported the apps to Apple and Google and the apps had since been taken down. Google spokesperson Edward Fernandez said in a statement that the “apps identified in the report are no longer available on Google Play.” A representative for Apple responded but didn’t comment.

Meta has faced scrutiny over its privacy practices for years. In 2019, the Federal Trade Commission approved a roughly $5 billion settlement with Facebook after reports found the political consultancy Cambridge Analytica improperly accessed personal data of millions of Facebook users.

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”

Hackers Have It Out for Microsoft Email Defenses

Tara Seals Managing Editor, News, Dark Reading
October 06, 2022

If you insist on using O365, at least have a filter in front to protect yourselves. I recommend Barracuda Advance Spam/Phishing filtering; they clean it and then deliver to your mailbox.

“Many hackers think of email and Microsoft 365 as their initial points of compromise, [so they] will test and verify that they are able to bypass Microsoft’s default security,” according to a new report from Avanan that flags an uptick in its customer telemetry of malicious emails landing in Microsoft-protected email boxes.

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”

For MspPortal Partners only

Starting August 3rd we will be spinning up partner requests for 30-day trials of Bitdefender's new additions of their XDR release.

Probably the most comprehensive release ever. Security on steroids.

If you wish to set up a trial, please send me an email.

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”

 

UPDATE 1-Amazon.com’s Ring gave police data without user consent 11 times in 2022

WASHINGTON, July 13 (Reuters) – Amazon.com’s Ring doorbell unit, which makes videos of the outside of an owner’s home, gave footage to law enforcement without the user’s consent 11 times so far this year, the company said.

Amazon said it provided the video under emergency circumstances. Senator Edward Markey, a lawmaker interested in privacy, on Wednesday released a letter from Amazon on the topic that was a response to his inquiry to the company.

“In each instance, Ring made a good-faith determination that there was an imminent danger of death or serious physical injury to a person requiring disclosure of information without delay,” wrote Brian Huseman, vice president of public policy for Amazon.

The company also said that it had 2,161 law enforcement agencies on its Neighbors Public Safety Service, which allows police and others to ask Ring owners for footage.

“Increasing law enforcement reliance on private surveillance creates a crisis of accountability,” Markey said in a statement.

Amazon’s Ring said in a statement that it followed the law.

“The law authorizes companies like Ring to provide information to government entities if the company believes that an emergency involving danger of death or serious physical injury to any person, such as a kidnapping or an attempted murder, requires disclosure without delay,” the company said in a statement.

In the letter, Huseman declined to specify when Ring technology can capture audio and how sensitive the audio recordings are. Users can easily disable audio.

He also declined to pledge to make end-to-end encryption the default for Ring data. End-to-end encryption is available although it would disable some features.

Markey said that he was concerned that Amazon and other tech companies would begin using biometric data in their systems and noted that he and others had introduced a bill aimed at restricting law enforcement access to such information. Hold Your Breath
(Reporting by Diane Bartz; Editing by Cynthia Osterman)

In closing, you might want to remove SPYING DEVICES; this is one of them.

Microsoft has revealed that this week’s Microsoft 365 worldwide outage

By Sergiu Gatlan June 22, 2022 07:23 AM

Microsoft has revealed that this week’s Microsoft 365 worldwide outage was caused by an infrastructure power outage that led to traffic management servicing failovers in multiple regions.

Starting on Monday, June 20, at 11:00 PM UTC, customers began experiencing and reporting several issues while trying to access and use Microsoft 365 services.

According to Microsoft, problems encountered during the incident included delays and failures when accessing some Microsoft 365 services.

Customer reports also shared info on continuous re-login requests, emails not getting delivered after being stuck in queues, and the inability to access Exchange Online mailboxes despite trying all available connection methods.

The affected services included the Microsoft Teams communication platform, the Exchange Online hosted email platform, SharePoint Online, Universal Print, and the Graph API.

Microsoft’s response while investigating the root cause behind the outage also brought to light some issues related to how the company fails to share new incident-related info with customers.

Even though Microsoft told customers they could find out more about this incident from the admin center under EX394347 and MO394389, user reports suggest that those incident tickets were not showing up, effectively keeping the customers in the dark.

This is the reason we will not sell O365. We do not want to support the product. MspPortal Partners has a relationship with RackSpace hosting email; we have a 99.9 uptime. Nothing is perfect, but we/RackSpace is far superior to O365.

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor: Bitdefender , Barracuda, RackSpace, Axcient

“Where Service and Technical Skills Count”