Lucene search
K
MsrcMost viewed

1366 matches found

MSRC
MSRC
added 2021/08/19 7:0 a.m.11 views

Announcing the Launch of the Azure SSRF Security Research Challenge

Microsoft is excited to announce the launch of a new, three-month security research challenge under the Azure Security Lab initiative. The Azure Server-Side Request Forgery SSRF Research Challenge invites security researchers to discover and share high impact SSRF vulnerabilities in Microsoft...

1.1AI score
Exploits0
MSRC
MSRC
added 2021/08/10 7:0 a.m.11 views

2021 年 8 月のセキュリティ更新プログラム (月例)

2021 年 8 月 11 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2021/08/10 7:0 a.m.11 views

Point and Print Default Behavior Change

Our investigation into several vulnerabilities collectively referred to as “PrintNightmare” has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks. Today, we are addressing this risk by changi...

7.1AI score
Exploits0
MSRC
MSRC
added 2021/03/24 7:0 a.m.11 views

Introducing Bounty Awards for Teams Desktop Client Security Research

Partnering with the security research community is an important part of Microsoft’s holistic approach to defending against security threats. As much of the world has shifted to working from home in the last year, Microsoft Teams has enabled people to stay connected, organized, and collaborate...

1.2AI score
Exploits0
MSRC
MSRC
added 2021/03/07 8:0 a.m.11 views

Exchange Server の脆弱性の緩和策

「Microsoft Exchange Server Vulnerabilities Mitigations – March 2021」の日本語抄訳です。 マイクロソフトは先週公開したブログにて、...

2AI score
Exploits0
MSRC
MSRC
added 2021/03/03 8:0 a.m.11 views

A new experience for reporting copyright or trademark infringement on Microsoft Services

The Notice of Copyright or Trademark Infringement Portal has helped protect Microsofts users and customers from intellectual property infringement across online services like Microsoft Azure, Office, Outlook, Skype, Stream, Microsoft News, Sway, Hotmail, NuGet, and Yammer. Microsofts response to...

1.7AI score
Exploits0
MSRC
MSRC
added 2021/01/12 8:0 a.m.11 views

2021 年 1 月のセキュリティ更新プログラム (月例)

2021 年 1 月 13 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/12/31 8:0 a.m.11 views

Microsoft Internal Solorigate Investigation Update

As we said in our recent blog, we believe the Solorigate incident is an opportunity to work together in important ways, to share information, strengthen defenses and respond to attacks. Like other SolarWinds customers, we have been actively looking for indicators of the Solorigate actor and want ...

2.8AI score
Exploits0
MSRC
MSRC
added 2020/11/09 8:0 a.m.11 views

Vulnerability Descriptions in the New Version of the Security Update Guide

With the launch of the new version of the Security Update Guide, Microsoft is demonstrating its commitment to industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System CVSS. This is a precise method that describes the vulnerability with attributes such as t...

2.8AI score
Exploits0
MSRC
MSRC
added 2020/11/09 8:0 a.m.11 views

新しいセキュリティ更新プログラム ガイドでの脆弱性情報の詳細

新しいバージョンのセキュリティ更新プログラムについては下記の関連ブログもご覧ください。 「新しいセキュ...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/09/21 7:0 a.m.11 views

New and improved Security Update Guide!

We’re excited to announce a significant update to the Security Update Guide, our one-stop site for information about all security updates provided by Microsoft. This new version will provide a more intuitive user experience to help protect our customers regardless of what Microsoft products or...

6.6AI score
Exploits0
MSRC
MSRC
added 2020/07/24 7:0 a.m.11 views

Updates to the Windows Insider Preview Bounty Program

Partnering with the research community is an important part of Microsoft’s holistic approach to defending against security threats. Bounty programs are one part of this partnership, designed to encourage and reward vulnerability research focused on the highest impact to customer security. The...

6.9AI score
Exploits0
MSRC
MSRC
added 2020/05/05 7:0 a.m.11 views

Azure Sphere Security Research Challenge Now Open

The Azure Sphere Security Research Challenge is an expansion of Azure Security Lab, announced at Black Hat in August 2019. At that time, a select group of talented researchers was invited to come and do their worst, emulating criminal hackers in a customer-safe cloud environment. This new researc...

1.2AI score
Exploits0
MSRC
MSRC
added 2020/04/23 7:0 a.m.11 views

Congratulating Our Top 2020 Q1 Security Researchers!

Following the second Security Researcher Quarterly Leaderboard and the 2020 MSRC Most Valuable Security Researchers criteria we published in February 2020, we are excited to announce the 2020 First Quarter Q1 Security Researcher Leaderboard, listing our top contributing researchers for the last...

2.4AI score
Exploits0
MSRC
MSRC
added 2020/03/10 7:0 a.m.11 views

March 2020 security updates are available

We have released the March security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide...

3.1AI score
Exploits0
MSRC
MSRC
added 2020/02/25 8:0 a.m.11 views

[サイバーセキュリティ月間2020] マイクロソフト セキュリティパッチのきほん④

マイクロソフトでは、毎月第二火曜日を月例のセキュリティ更新日とし、さまざまな製品の脆弱性情報を公開し...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/02/03 8:0 a.m.11 views

[サイバーセキュリティ月間2020] マイクロソフト セキュリティパッチのきほん①

マイクロソフト製品に存在するセキュリティの脆弱性に関しては、脆弱性情報を公開しセキュリティ更新プログ...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/11/20 8:0 a.m.11 views

Customer Guidance for the Dopplepaymer Ransomware

Microsoft has been investigating recent attacks by malicious actors using the Dopplepaymerransomware. There is misleading information circulating about Microsoft Teams, along with references to RDP BlueKeep, as ways in which this malware spreads. Our security research teams have investigated and...

1.9AI score
Exploits0
MSRC
MSRC
added 2019/10/16 7:0 a.m.11 views

An intern's experience with Rust

Over the course of my internship at the Microsoft Security Response Center MSRC, I worked on the safe systems programming languages SSPL team to promote safer languages for systems programming where runtime overhead is important, as outlined in this blog. My job was to port a security critical...

7.4AI score
Exploits0
MSRC
MSRC
added 2019/10/08 7:0 a.m.11 views

Designing a COM library for Rust

I interned with Microsoft as a Software Engineering Intern in the MSRC UK team in Cheltenham this past summer. I worked in the Safe Systems Programming Language SSPL group, which explores safe programming languages as a proactive measure against memory-safety related vulnerabilities. This blog po...

7AI score
Exploits0
MSRC
MSRC
added 2019/10/08 7:0 a.m.11 views

2019 年 10 月のセキュリティ更新プログラム (月例)

2019 年 10 月 9 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/09/11 7:0 a.m.11 views

Attacking the VM Worker Process

In the past year we invested a lot of time making Hyper-V research more accessible to everyone. Our first blog post, “First Steps in Hyper-V Research”, describes the tools and setup for debugging the hypervisor and examines the interesting attack surfaces of the virtualization stack components. W...

1.6AI score
Exploits0
MSRC
MSRC
added 2019/07/25 7:0 a.m.11 views

Microsoft Announces Top Contributing Partners in the Microsoft Active Protections Program (MAPP)

Today we announce the top organizational candidates for Vulnerability Top Contributors, Threat Indicator Top Submitters, and Zero-Day Top Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through...

2.3AI score
Exploits0
MSRC
MSRC
added 2019/07/22 7:0 a.m.11 views

Why Rust for safe systems programming

In this series, we have explored the need for proactive measures to eliminate a class of vulnerabilities and walked through some examples of memory safety issues we’ve found in Microsoft code that could have been avoided with a different language. Now we’ll peek at why we think that Rust represen...

7.4AI score
Exploits0
MSRC
MSRC
added 2019/07/17 7:0 a.m.11 views

Announcing the Microsoft Dynamics 365 Bounty program

One of Microsoft’s many security investments to protect customers is in the partnerships we build with the external security research community. We are excited to announce the launch of theDynamics 365 Bounty program and welcome researchers to seek out and disclose any high impact vulnerabilities...

0.9AI score
Exploits0
MSRC
MSRC
added 2019/07/17 7:0 a.m.11 views

Announcing the Microsoft Dynamics 365 Bounty program

One of Microsoft’s many security investments to protect customers is in the partnerships we build with the external security research community. We are excited to announce the launch of theDynamics 365 Bounty program and welcome researchers to seek out and disclose any high impact vulnerabilities...

7AI score
Exploits0
MSRC
MSRC
added 2019/05/14 7:0 a.m.11 views

May 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

3AI score
Exploits0
MSRC
MSRC
added 2019/03/12 7:0 a.m.11 views

2019 年 3 月のセキュリティ更新プログラム (月例)

2019 年 3 月 13 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/01/23 8:0 a.m.11 views

Microsoft’s Cyber Defense Operations Center shares best practices

Today, a single breach, physical or virtual, can cause millions of dollars of damage to an organization and potentially billions in financial losses to the global economy. Each week seems to bring a new disclosure of a cybersecurity breach somewhere in the world. As we look at the current state o...

2.4AI score
Exploits0
MSRC
MSRC
added 2018/11/13 8:0 a.m.11 views

November 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

3AI score
Exploits0
MSRC
MSRC
added 2018/11/12 8:0 a.m.11 views

Should You Send Your Pen Test Report to the MSRC?

Every day, the Microsoft Security Response Center MSRC receives vulnerability reports from security researchers, technology/industry partners, and customers. We want those reports, because they help us make our products and services more secure. High-quality reports that include proof of concept,...

6.8AI score
Exploits0
MSRC
MSRC
added 2018/10/25 7:0 a.m.11 views

更新プログラムが正しくインストールされたかを確認する方法 - Windows 7 の場合

本ブログ記事は初級レベルから中級レベルのコンピューター ユーザーを対象にしています。 Windows 10 をお使いのお客...

1.8AI score
Exploits0
MSRC
MSRC
added 2018/09/12 7:0 a.m.11 views

[セキュリティ基本対策 5 か条] 第 1 条 最新の状態で利用する

注: この内容は一般の方を対象とした記述にしています。 今日はセキュリティ基本対策 5 か条の第 1 条「最新の...

0.3AI score
Exploits0
MSRC
MSRC
added 2018/08/01 7:0 a.m.11 views

The Making of the Top 100 Researcher List

At Black Hat USA each year, we unveil the Top 100 Security Researcher list to reflect the amazing engagement we get from the community. During this period, we had several thousand researchers engage with the Microsoft Security Response Center MSRC. We appreciate all the partnership and coordinati...

1.3AI score
Exploits0
MSRC
MSRC
added 2018/04/20 7:0 a.m.11 views

Recognizing Q3 Top 5 Bounty Hunters

Throughout the year, security researchers submit some amazing work to us under the Microsoft Bug Bounty program. Starting this quarter, we want to give a shout out to and acknowledge the hard work and dedication of the following individuals and companies who have contributed to securing Microsoft...

6.8AI score
Exploits0
MSRC
MSRC
added 2018/04/10 7:0 a.m.11 views

April 2018 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

2.6AI score
Exploits0
MSRC
MSRC
added 2018/03/13 7:0 a.m.11 views

March 2018 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

2.5AI score
Exploits0
MSRC
MSRC
added 2018/01/09 8:0 a.m.11 views

January 2018 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

7AI score
Exploits0
MSRC
MSRC
added 2017/12/25 8:0 a.m.11 views

未更新のシステム脆弱性を狙う WannaCrypt ランサムウェア

本記事は、Windows Security のブログ “WannaCrypt ransomware worm targets out-of-date systems” 2017 年 5 月 12 日 米国時間...

1.2AI score
Exploits0
MSRC
MSRC
added 2017/12/25 8:0 a.m.11 views

Windows Defender Advanced Threat Protection の機械学習: 未知の侵入アクティビティの検出

本記事は、Windows Security のブログ “Windows Defender ATP machine learning: Detecting new and unusual breach activity” 2017 年 8 月 3 日 米...

1.8AI score
Exploits0
MSRC
MSRC
added 2017/11/01 7:0 a.m.11 views

Windows Defender Exploit Guard: 攻撃表面を縮小して次世代型マルウェアに対抗する

本記事は、Windows Security のブログ “Windows Defender Exploit Guard: Reduce the attack surface against next-generation malware” 2017 年 10 月 23 日 米国...

2.4AI score
Exploits0
MSRC
MSRC
added 2017/09/12 7:0 a.m.11 views

September 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

2.1AI score
Exploits0
MSRC
MSRC
added 2017/09/12 7:0 a.m.11 views

September 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

6.8AI score
Exploits0
MSRC
MSRC
added 2017/09/01 7:0 a.m.11 views

Announcing the BlueHat v17 Schedule

September is here! The dash from the close of the call for papers to now has been amazing. We had nearly two hundred submissions spanning the gamut of security topics and presenters. The result is a solid schedule that will challenge and educate all attendees. On behalf of the content advisory...

0.5AI score
Exploits0
MSRC
MSRC
added 2017/06/28 7:0 a.m.11 views

Petya マルウェア攻撃に関する最新情報

本記事は、Microsoft Security Response Center のブログ “Update on Petya malware attacks” 2017 年 6 月 28 日 米国時間公...

1.5AI score
Exploits0
MSRC
MSRC
added 2017/06/13 7:0 a.m.11 views

June 2017 security update release

Microsoft releases additional updates for older platforms to protect against potential nation-state activity Today, as part of our regular Update Tuesday schedule, we have taken action to provide additional critical security updates to address vulnerabilities that are at heightened risk of...

7.1AI score
Exploits0
MSRC
MSRC
added 2017/06/01 7:0 a.m.11 views

BlueHat v17 Call for Papers Opens

Calling security professionals and enthusiasts throughout the world. Microsoft is pleased to open the Call for Papers for our BlueHat v17 Security Conference. Potential speakers have from June 1st through August 18th to submit abstract proposals for this unique opportunity. As in past events, we...

2.3AI score
Exploits0
MSRC
MSRC
added 2017/05/13 7:0 a.m.11 views

ランサムウェア WannaCrypt 攻撃に関するお客様ガイダンス

概要 概要 2017 年 5 月 12 日 米国時間 より、マイクロソフトは、イギリスを始めとする複数の国の医療機関やその...

0.8AI score
Exploits0
MSRC
MSRC
added 2017/04/20 7:0 a.m.11 views

Bountycraft at Nullcon 2017

Security is a critical component of our products at Microsoft. A strong emphasis on security is a persistent factor throughout our entire development process. Microsoft is committed to designing and developing secure software. Testing is performed both internally and by working closely with the...

1.6AI score
Exploits0
MSRC
MSRC
added 2017/04/20 7:0 a.m.11 views

Bountycraft at Nullcon 2017

Security is a critical component of our products at Microsoft. A strong emphasis on security is a persistent factor throughout our entire development process. Microsoft is committed to designing and developing secure software. Testing is performed both internally and by working closely with the...

6.9AI score
Exploits0
Total number of security vulnerabilities1366