Skype announced integration with OneDrive

Skype development team announced testing of the new cloud filesharing feature in the latest Skype Insider Build. Users will be able to share a link to a file or folder in OneDrive directly in the chat. If your contact is on a mobile device and has the application available, the file will open directly in that app, and not in the browsers. If your contact does not have the application installed, the OneDrive web site can preview most commonly used filetypes. A new feature is currently available to Skype insiders.

Hackers started using a bug with online video feature in Microsoft Word

A bug with the online video feature in Microsoft Word, recently discovered by Cymulate security researchers, found its first use for deliver malware. Trend Micro specialists discovered and described the URSNIF information stealer spreading mechanism. Users can defend against threats abusing this by blocking Word documents that has the embeddedHtml tag in their respective XML files or disabling documents with embedded video.

Cisco inadvertently released Dirty Cow exploit code in software

The company explained that in the final QA validation step of the automated software build system for the Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software inadvertently left an internal exploit for the Dirty COW vulnerability (CVE-2016-5195). The purpose of this QA validation step is to make sure the Cisco product contains the required fixes for this vulnerability. This issue affects versions X8.9 to X8.11.3. All affected software images have proactively been removed from the Cisco Software Center and will soon be replaced with fixed software images.

Windows Defender Antivirus can now run inside a sandbox

Running Windows Defender Antivirus in a sandbox ensures that in the unlikely event of a compromise, malicious actions are limited to the isolated environment, protecting the rest of the system from harm. Support the sandbox feature is not enabled by default, but users can turn the feature on by setting a machine-wide environment variable (setx /M MP_FORCE_USE_SANDBOX 1) and restarting the machine. This is currently supported on Windows 10, version 1703 or later.