Microsoft SDL: Evolving security practices for an AI-powered world

As AI reshapes the world, organizations encounter unprecedented risks, and security leaders take on new responsibilities. Microsoft’s Secure Development Lifecycle SDL is expanding to address AI-specific security concerns in addition to the traditional software security areas that it has...

Cybersecurity Awareness Month: Security starts with you

At Microsoft, security is our number one priority, and we believe that cybersecurity is as much about people as it is about technology. As we move into October and kick off Cybersecurity Awareness Month, this time of year really makes me think about how important online safety is—not just at work...

Sharing practical guidance: Launching Microsoft Secure Future Initiative (SFI) patterns and practices

We’re excited to launch Microsoft Secure Future Initiative SFI patterns and practices : a new library of actionable guidance designed to help organizations implement security measures at scale. This launch marks the next step in our journey to make our SFI learnings practical for our customers,...

CVE-2020-0689

A security feature bypass vulnerability exists in secure boot, aka 'Microsoft Secure Boot Security Feature Bypass Vulnerability'...

​​How the Microsoft Secure Future Initiative brings Zero Trust to life

In this blog, you'll learn more about how the Microsoft Secure Future Initiative SFI—a real-world case study on Zero Trust—aligns with Zero Trust strategies. We’ll share key updates from the April 2025 SFI progress report and practical Zero Trust guidance to help you strengthen your organization’...

Securing our future: April 2025 progress report on Microsoft’s Secure Future Initiative

The Microsoft Secure Future Initiative SFI stands as the largest cybersecurity engineering project in history and most extensive effort of its kind at Microsoft. Since inception, we've dedicated the equivalent of 34,000 engineers working full-time for 11 months to mitigate risks and address the...

AI innovation requires AI security: Hear what’s new at Microsoft Secure

When you’re secure—innovation happens. But, the fast pace of AI often outpaces traditional security measures, leaving gaps that bad actors can take advantage of. As a security professional, you’re the hero in this battle between protecting vast amounts of data while ensuring AI systems remain...

See product news and on-demand sessions from Microsoft Secure

“Great speakers and very knowledgeable.” “Brilliant.” “Wonderful and very useful.” The first Microsoft Secure on March 28, 2023, was a huge success—as this attendee feedback shows. Our virtual event brought together more than 20,000 security professionals eager to learn security best practices an...

Microsoft Secure: Explore innovations transforming the future of security

Building a more secure future requires an end-to-end approach. There is no question that technology plays an essential role, but security will always be human-centered. That’s what Microsoft Secure is all about. It’s about sharing knowledge, best practices, and technology innovations that empower...

Microsoft Secure: Explore innovations transforming the future of security

Building a more secure future requires an end-to-end approach. There is no question that technology plays an essential role, but security will always be human-centered. That’s what Microsoft Secure is all about. It’s about sharing knowledge, best practices, and technology innovations that empower...

Join us at Microsoft Secure to discover the latest security solutions

Microsoft Secure is our first flagship event designed just for security professionals. On March 28, 2023, we will bring together security professionals from around the world to explore security information and event management SIEM and extended detection and response XDR, threat intelligence, AI,...

Join us at Microsoft Secure to discover the latest security solutions

Microsoft Secure is our first flagship event designed just for security professionals. On March 28, 2023, we will bring together security professionals from around the world to explore security information and event management SIEM and extended detection and response XDR, threat intelligence, AI,...

Learn what an AI-driven future means for cybersecurity at Microsoft Secure

Maintaining security across today’s vast digital ecosystem is a team effort. AI and machine learning have helped to detect threats quickly and respond effectively. Yet we all know that the best defense still requires human wisdom and experience. From a frontline security operations admin to the...

A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture

In the last post, we discussed Office 365 and how enabling certain features without understanding all the components can lead to a false sense of security. We demonstrated how implementing a break glass account, multi-factor authentication MFA, and the removal of legacy authentication can help...

MS14-059: Description of the security update for ASP.NET MVC 2.0: October 14, 2014

MS14-059: Description of the security update for ASP.NET MVC 2.0: October 14, 2014 This article does not apply to Windows 10 devices that run in S mode.For more information about S mode, see Windows 10 in S mode FAQ. Introduction Microsoft has released security bulletin MS14-059. To learn more...

Announcing the Microsoft Graph Security Hackathon winners

Bringing together information from multiple disconnected security systems to solve today’s security challenges is complex. We recently asked Microsoft Graph Security Hackathon participants to come up with innovative solutions using the Microsoft Graph Security API, and they did not disappoint. We...

Security and Quality Rollup updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4457919)

Security and Quality Rollup updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 KB 4457919 This also applies to: Microsoft .NET Framework 3.5 Summary This security update resolves a vulnerability in Microsoft .NET Framework that could allow remo...

Security Only updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4457915)

Security Only updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 KB 4457915 This also applies to: Microsoft ,NET Framework 3.5 Summary This security update resolves a vulnerability in Microsoft .NET Framework that could allow remote code...

Get deeper into security at Microsoft Ignite 2018

This year at Microsoft Ignite, we will be making some exciting announcementsfrom new capabilities for identity management and information protection to powerful artificial intelligence AI innovations that can help you stay ahead of an often overwhelming surge in threats and security alerts. Join ...

Security and Quality updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2 and 4.6 for Windows Server 2008 SP2 (KB 4345593)

Security and Quality updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2 and 4.6 for Windows Server 2008 SP2 KB 4345593 Summary This security update resolves an information disclosure vulnerability in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant...