Protect your IT environment by staying current with Microsoft technical security notices.
Microsoft Security References enable Microsoft to provide customers with information about security issues that cannot be classified as vulnerabilities and may not require a security bulletin. Each notice has a unique Microsoft Knowledge Base article number that you can use as a reference to provide additional information about the changes.
Why Are Attack Surface Reduction Rules So Important
Your company’s attack surface contains all the points at which an attacker can compromise your company’s devices or networks. When you reduce the attack surface, you need to protect your organization’s devices and network so that attackers have fewer opportunities to launch attacks. Setting rules to reduce attack surface in Microsoft Defender endpoints can help!
Attack surface reduction rules target specific software behavior , for example:
- Run executable files and scripts that try to load or run files;
- run hidden or suspicious scripts; and
- Act in a way that applications would not normally be called during normal day to day operation.
This software behavior sometimes appears in legitimate applications. However, this behavior is often considered risky because it is often misused by attackers with malware. Rules that reduce the attack surface can limit risky behavior and help protect your business.
For more information on configuring attack surface reduction rules, see Enabling attack surface reduction rules .
Allowed IP Ranges Should Be Set Per Kubernetes Services Guidelines, Which Have Been Updated With A Quick Fix.
The recommended range of allowed IP addresses should be set in Kubernetes services. There is now a quick fix option.
Additional information onFor this tip and all the other recommendations of the Security Center, see the Security Best Practices Reference Guide .