Lucene search
K
MsrcMost viewed

1366 matches found

MSRC
MSRC
added 2016/01/12 8:0 a.m.13 views

January 2016 Security Update Release Summary

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security...

6.7AI score
Exploits0
MSRC
MSRC
added 2015/11/10 8:0 a.m.13 views

November 2015 Security Update Release Summary

Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Librar...

6.7AI score
Exploits0
MSRC
MSRC
added 2014/09/04 7:0 a.m.13 views

Advance Notification Service for the September 2014 Security Bulletin Release

Today, we provide advance notification for the release of four Security Bulletins. One of these updates is rated Critical and three are rated as Important in severity. These updates are for Microsoft Windows, Internet Explorer, .NET Framework and Lync. As a reminder, we are now using a new format...

6.9AI score
Exploits0
MSRC
MSRC
added 2013/06/17 7:0 a.m.13 views

EMET 4.0 now available for download

We are pleased to announce that the final release of version 4.0 of the Enhanced Mitigation Experience Toolkit , best known as EMET, is now finally available for download. You can download it from http://www.microsoft.com/en-us/download/details.aspx?id=39273. We already mentioned some of the new...

7AI score
Exploits0
MSRC
MSRC
added 2025/01/15 8:0 a.m.12 views

Congratulations to the Top MSRC 2024 Q4 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2024 Q4 Security Researcher Leaderboard are Suresh,...

7.2AI score
Exploits0
MSRC
MSRC
added 2023/03/01 8:0 a.m.12 views

Configuring host-level audit logging for AKS VMSS

This blog post runs you through how to enable and configure Linux audit logging on your Azure Kubernetes Service AKS Virtual Machine Scale Set VMSS using the Linux auditing subsystem, also known as auditd. Warning The information provided below is accurate as of the release date of this blog post...

6.7AI score
Exploits0
MSRC
MSRC
added 2023/02/08 8:0 a.m.12 views

New MSRC Blog Site

We are excited to announce the release of the new Microsoft Security Response Center MSRC blog site. Please visit msrc.microsoft.com/blog/ starting February 9th, 2023, for all past and future MSRC blog content. In addition to the new URL, we have refreshed the site with a new look and improved si...

0.3AI score
Exploits0
MSRC
MSRC
added 2023/02/06 8:0 a.m.12 views

BlueHat 2023: Connecting the security research community with Microsoft

We’re excited to welcome more than 400 members of the security research community from around the world to Redmond, Washington for BlueHat 2023. Hosted by the Microsoft Security Response Center MSRC, BlueHat is where the security research community, and Microsoft security professionals, come...

1.3AI score
Exploits0
MSRC
MSRC
added 2023/02/06 8:0 a.m.12 views

BlueHat 2023: Connecting the security research community with Microsoft

We’re excited to welcome more than 400 members of the security research community from around the world to Redmond, Washington for BlueHat 2023. Hosted by the Microsoft Security Response Center MSRC, BlueHat is where the security research community, and Microsoft security professionals, come...

6.8AI score
Exploits0
MSRC
MSRC
added 2023/01/18 8:0 a.m.12 views

Microsoft は、Azure クラウド サービスにおける 4 つの SSRF の脆弱性を解決しました。

本ブログは、Microsoft resolves four SSRF vulnerabilities in Azure cloud services の抄訳版です。最新の情報は原文を参照してください。 概要...

2AI score
Exploits0
MSRC
MSRC
added 2022/12/02 8:0 a.m.12 views

BlueHat 2023: Applications to Attend NOW OPEN!

We are excited to announce that applications to attend BlueHat 2023 are now open BlueHat 2023 will be the 20th version of the BlueHat conference and will once again be on the Microsoft campus in Redmond, WA, USA, from February 8 – 9, 2023. Hosted by the Microsoft Security Response Center MSRC,...

7.2AI score
Exploits0
MSRC
MSRC
added 2022/11/16 8:0 a.m.12 views

Announcing the Microsoft Machine Learning Membership Inference Competition (MICO)

We’re excited to announce the launch of a new competition focusing on the security and privacy of machine learning ML systems. Machine learning has already become a key enabler in many products and services, and this trend is likely to continue. It is therefore critical to understand the security...

2.8AI score
Exploits0
MSRC
MSRC
added 2022/11/02 7:0 a.m.12 views

マイクロソフト、Jupyter Notebooks for Azure Cosmos DB の脆弱性を修正

本ブログは、Microsoft Mitigates Vulnerability in Jupyter Notebooks for Azure Cosmos DB の抄訳版です。最新の情報は原文を参照してください。 概...

1.8AI score
Exploits0
MSRC
MSRC
added 2022/10/11 7:0 a.m.12 views

2022 年 10 月 のセキュリティ更新プログラム (月例)

2022 年 10 月 11 日 米国時間 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ...

0.3AI score
Exploits0
MSRC
MSRC
added 2022/09/06 7:0 a.m.12 views

What’s the smallest variety of CHERI?

The Portmeirion project is a collaboration between Microsoft Research Cambridge, Microsoft Security Response Center, and Azure Silicon Engineering & Solutions. Over the past year, we have been exploring how to scale the key ideas from CHERI down to tiny cores on the scale of the cheapest...

2.7AI score
Exploits0
MSRC
MSRC
added 2022/08/11 4:0 p.m.12 views

Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards

The Microsoft Bug Bounty Programs and partnerships with the global security research community are important parts of Microsoft’s holistic approach to defending customers against security threats. Our bounty programs incentivize security research in high-impact areas to stay ahead of the...

Exploits0
MSRC
MSRC
added 2022/08/10 7:0 a.m.12 views

セキュリティ更新プログラム ガイドの通知システム : 今すぐプロファイルを作成しましょう

本ブログは、Security Update Guide Notification System News: Create your profile now の抄訳版です。最新の情報は原文を参照してください。 セキ...

1.1AI score
Exploits0
MSRC
MSRC
added 2022/08/10 7:0 a.m.12 views

Microsoft Office、2022年8月からシンボルを公開

本ブログは、Microsoft Office to publish symbols starting August 2022 の抄訳版です。最新の情報は原文を参照してください。 Microsoft Office が...

1.7AI score
Exploits0
MSRC
MSRC
added 2022/07/13 7:0 a.m.12 views

All Hands-on Deck: A Whole-of-Society Approach for Cybersecurity

The morning of June 9th, I was driving over the Golden Gate Bridge into San Francisco with my family. While crossing the bridge my children shared some facts about this modern engineering marvel. Each day, approx. 100,000 vehicles travel over the bridge deck, which weighs a staggering 150,000 ton...

2AI score
Exploits0
MSRC
MSRC
added 2022/06/14 7:0 a.m.12 views

2022 年 6 月のセキュリティ更新プログラム (月例)

2022 年 6 月 14 日(米国時間)、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ...

0.3AI score
Exploits0
MSRC
MSRC
added 2022/05/19 7:0 a.m.12 views

Researcher Spotlight: Hector Peralta’s Evolution from Popcorn Server to the MSRC Leaderboards

“The bug bounty literally changed my life. Before this, I had nothing.” Coolest thing he purchased : His first vehicle! Best gift to give: Buying his nephew gaming accessories. Favorite Hacking Companion : His two cats. They’re always by his side when he is working late. Origin of his Hacker name...

7AI score
Exploits0
MSRC
MSRC
added 2022/05/10 7:0 a.m.12 views

2022 年 5 月のセキュリティ更新プログラム (月例)

2022 年 5 月 10 日(米国時間)、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ...

0.3AI score
Exploits0
MSRC
MSRC
added 2022/04/28 7:0 a.m.12 views

Azure Database for PostgreSQL Flexible Server Privilege Escalation and Remote Code Execution

MSRC was informed by Wiz, a cloud security vendor, under Coordinated Vulnerability Disclosure CVD of an issue with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. By exploiting an elevated permissions bug in the Flexib...

7.2AI score
Exploits0
MSRC
MSRC
added 2022/03/22 7:0 a.m.12 views

Exploring a New Class of Kernel Exploit Primitive

The security landscape is dynamic, changing often and as a result, attack surfaces evolve. MSRC receives a wide variety of cases spanning different products, bug types and exploit primitives. One particularly interesting primitive we see is an arbitrary kernel pointer read. These often happen whe...

7AI score
Exploits0
MSRC
MSRC
added 2022/03/07 8:0 a.m.12 views

Disclosure of Vulnerability in Azure Automation Managed Identity Tokens

On December 10, 2021, Microsoft mitigated a vulnerability in the Azure Automation service. Azure Automation accounts that used Managed Identitiestokens for authorization and an Azure Sandbox for job runtime and execution were exposed. Microsoft has not detected evidence of misuse of tokens...

1.7AI score
Exploits0
MSRC
MSRC
added 2022/02/01 8:0 a.m.12 views

Congratulations to the Top MSRC 2021 Q4 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2021 Q4 Security Researcher Leaderboard are: rezer0dai...

6.8AI score
Exploits0
MSRC
MSRC
added 2021/10/14 7:0 a.m.12 views

Congratulations to the Top MSRC 2021 Q3 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s MSRC Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2021 Q3 Security Researcher Leaderboard are: BugHunter010 8...

6.9AI score
Exploits0
MSRC
MSRC
added 2021/09/08 7:0 a.m.12 views

Coordinated disclosure of vulnerability in Azure Container Instances Service

Microsoft recently mitigated a vulnerability reported by a security researcher in the Azure Container Instances ACI that could potentially allow a user to access other customers’ information in the ACI service. Our investigation surfaced no unauthorized access to customer data. Out of an abundanc...

6.6AI score
Exploits0
MSRC
MSRC
added 2021/08/19 7:0 a.m.12 views

Announcing the Launch of the Azure SSRF Security Research Challenge

Microsoft is excited to announce the launch of a new, three-month security research challenge under the Azure Security Lab initiative. The Azure Server-Side Request Forgery SSRF Research Challenge invites security researchers to discover and share high impact SSRF vulnerabilities in Microsoft...

7.1AI score
Exploits0
MSRC
MSRC
added 2021/08/10 7:0 a.m.12 views

Point and Print Default Behavior Change

Our investigation into several vulnerabilities collectively referred to as “PrintNightmare” has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks. Today, we are addressing this risk by changi...

3AI score
Exploits0
MSRC
MSRC
added 2021/03/18 7:0 a.m.12 views

オンプレミス Exchange Server の脆弱性の調査や修復に対応する方向けのガイダンス

「Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities」の日本語抄訳です。 最近一般に公開さ...

3.1AI score
Exploits0
MSRC
MSRC
added 2021/03/09 8:0 a.m.12 views

2021 年 3 月のセキュリティ更新プログラム (月例)

2021 年 3 月 10 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2021/03/02 8:0 a.m.12 views

On-Premises Exchange Server Vulnerabilities Resource Center - updated March 25, 2021

On March 2nd, we released several security updates for Microsoft Exchange Server to address vulnerabilities that are being used in ongoing attacks. Due to the critical nature of these vulnerabilities, we recommend that customers protect their organizations by applying the patches immediately to...

3.8AI score
Exploits0
MSRC
MSRC
added 2020/08/04 7:0 a.m.12 views

Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards

Security researchers are a vital component of the cybersecurity ecosystem that safeguards every facet of digital life and commerce. The researchers who devote time to uncovering and reporting security issues before adversaries can exploit them have earned our collective respect and gratitude. The...

7AI score
Exploits0
MSRC
MSRC
added 2020/07/24 7:0 a.m.12 views

Updates to the Windows Insider Preview Bounty Program

Partnering with the research community is an important part of Microsoft’s holistic approach to defending against security threats. Bounty programs are one part of this partnership, designed to encourage and reward vulnerability research focused on the highest impact to customer security. The...

1.4AI score
Exploits0
MSRC
MSRC
added 2020/06/09 7:0 a.m.12 views

2020 年 6 月のセキュリティ更新プログラム (月例)

2020 年 6 月 10 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/03/17 7:0 a.m.12 views

[サイバーセキュリティ月間2020] 製品のサポートが終了したらどうなるの?

2020 年 1 月に、広く利用されてきた Windows 7, Windows Server 2008/2008R2 のサポートが終了して既に数か月が過ぎました。サポートが終了す...

1.9AI score
Exploits0
MSRC
MSRC
added 2020/03/10 7:0 a.m.12 views

March 2020 security updates are available

We have released the March security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide...

6.7AI score
Exploits0
MSRC
MSRC
added 2020/02/11 8:0 a.m.12 views

February 2020 security updates are available

We have released the February security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide...

6.7AI score
Exploits0
MSRC
MSRC
added 2019/12/10 6:4 p.m.12 views

December 2019 security updates are available

We have released the December security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder,...

3.4AI score
Exploits0
MSRC
MSRC
added 2019/11/12 8:0 a.m.12 views

2019 年 11 月のセキュリティ更新プログラム (月例)

2019 年 11 月 13 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/11/07 8:0 a.m.12 views

Using Rust in Windows

This Saturday 9th of November, there will be a keynote from Microsoft engineers Ryan Levick and Sebastian Fernandez at RustFest Barcelona. They will be talking about why Microsoft is exploring Rust adoption, some of the challenges we’ve faced in this process, and the future of Rust adoption in...

2.7AI score
Exploits0
MSRC
MSRC
added 2019/10/18 7:0 a.m.12 views

Introducing the ElectionGuard Bounty program

Today we are launching the ElectionGuard Bounty program. In May 2019, we announced the release of ElectionGuard, a free open-source SDK to make voting more secure, transparent, and accessible. ElectionGuard enables end-to-end verification of elections, open results to third-party organizations fo...

3.1AI score
Exploits0
MSRC
MSRC
added 2019/07/09 7:0 a.m.12 views

July 2019 Security Update Release

We have released the July security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide...

6.7AI score
Exploits0
MSRC
MSRC
added 2019/06/25 7:0 a.m.12 views

Inside the MSRC – Customer-centric incident response

The Microsoft Security Response Center MSRC is an integral part of Microsoft’s Cyber Defense Operations Center CDOC that brings together security response experts from across the company to help protect, detect, and respond to threats in real-time. Staffed with dedicated teams 24x7, the CDOC has...

0.4AI score
Exploits0
MSRC
MSRC
added 2019/06/11 5:0 p.m.12 views

June 2019 security update release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

2.9AI score
Exploits0
MSRC
MSRC
added 2019/01/28 8:0 a.m.12 views

Fuzzing para-virtualized devices in Hyper-V

Introduction Introduction Hyper-V is the backbone of Azure, running on its Hosts to provide efficient and fair sharing of resources, but also isolation. That’s why we, in the vulnerability research team for Windows, have been working in the background for years now helping secure Hyper-V. And why...

2.6AI score
Exploits0
MSRC
MSRC
added 2018/07/26 7:0 a.m.12 views

Recognizing Q4 Top 5 Bounty Hunters

We have tabulated the results from April-June 2018. The Top 5 Bounty Hunters for Q4 are now in. As with our list from Q3, we want to recognize both the leaders in payouts and in number of successful submissions. We appreciate the hard work and dedication of the following individuals and companies...

2.7AI score
Exploits0
MSRC
MSRC
added 2018/07/18 7:0 a.m.12 views

EMET サポート終了 – Windows Defender Exploitation Guard へ移行を

こんにちは、垣内ゆりかです。 2009 年にリリースされて以来、最先端の攻撃緩和を追加する無償のツールとして、...

2.4AI score
Exploits0
MSRC
MSRC
added 2018/06/12 7:0 a.m.12 views

2018 年 6 月のセキュリティ更新プログラム (月例)

2018/6/21 更新: 2 件のセキュリティ アドバイザリ ADV180016 および ADV180010 の情報を追加しました。 -------------- 2018 年 6 月 13 日 日本時間、マ...

0.3AI score
Exploits0
Total number of security vulnerabilities1366