Lucene search
K
MsrcMost viewed

1366 matches found

MSRC
MSRC
added 2026/05/12 12:0 a.m.9 views

A note on this month's Patch Tuesday

Each Patch Tuesday looks a little different. Some months are quieter, others are larger. This month's release sits on the larger side of a hotpatch month, and we expect releases to continue trending larger for some time. Every update reflects investments we have made across the development...

5.8AI score
Exploits0
MSRC
MSRC
added 2025/12/11 12:0 a.m.9 views

Evolving our approach to coordinated security research: In scope by default

Today at Black Hat Europe, I raised our commitment to customer security through our partnerships with the security research community...

7AI score
Exploits0
MSRC
MSRC
added 2025/11/09 12:0 a.m.9 views

INTERN(al) MSRC variant hunting: From multi-tenant authorization to Model Context Protocol

When security researchers submit a vulnerability report to MSRC, the Vulnerabilities and Mitigations V&M team reviews it, reproduces the issue, and determines severity. The team reviews all submissions from internal and external security researchers...

7AI score
Exploits0
MSRC
MSRC
added 2025/08/27 7:0 a.m.9 views

BlueHat Asia 2025: Closing soon: Submit your papers by September 14, 2025

The next chapter of the Microsoft Security Response Center’s MSRC BlueHat security conference is fast approaching. BlueHat Asia 2025 will take place in Bengaluru, India, on November 5 – 6, 2025 and the Call for Papers is now open. Submissions will be accepted through September 14, 2025. Now in it...

6.9AI score
Exploits0
MSRC
MSRC
added 2025/08/25 7:0 a.m.9 views

postMessaged and Compromised

At Microsoft, securing the ecosystem means more than just fixing bugs—it means proactively hunting for variant classes, identifying systemic weaknesses, and working across teams to protect customers before attackers ever get the chance. This blog highlights one such effort: a deep dive into the...

7.2AI score
Exploits0
MSRC
MSRC
added 2025/08/05 7:0 a.m.9 views

Microsoft Bounty Program year in review: $17 million in rewards

We’re thrilled to share that this year, the Microsoft Bounty Program has distributed $17 million to 344 security researchers from 59 countries, the highest total bounty awarded in the program’s history. In close collaboration with the Microsoft Security Response Center MSRC, these security...

7.3AI score
Exploits0
MSRC
MSRC
added 2025/05/09 7:0 a.m.9 views

Congratulations to the Top MSRC 2025 Q1 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2025 Q1 Security Researcher Leaderboard are 0x140ce,...

7.2AI score
Exploits0
MSRC
MSRC
added 2025/03/13 7:0 a.m.9 views

Jailbreaking is (mostly) simpler than you think

Content warning: This blog post contains discussions of sensitive topics. These subjects may be distressing or triggering for some readers. Reader discretion is advised. Today, we are sharing insights on a simple, optimization-free jailbreak method called Context Compliance Attack CCA, that has...

7.2AI score
Exploits0
MSRC
MSRC
added 2023/04/11 7:0 a.m.9 views

Best practices regarding Azure Storage Keys, Azure Functions, and Azure Role Based Access

Summary Azure provides developers and security operations staff a wide array of configurable security options to meet organizational needs. Throughout the software development lifecycle, it is important for customers to understand the shared responsibility model, as well as be familiar with vario...

7.3AI score
Exploits0
MSRC
MSRC
added 2023/02/28 8:0 a.m.9 views

First steps in CHERIoT Security Research

At Microsoft, we invest a lot of time researching and investigating possibilities in our journey to memory safety. Because the massive majority of existing codebases are written in unsafe programming languages, the task of protecting legacy code is very important. Hardware solutions are an...

7.1AI score
Exploits0
MSRC
MSRC
added 2022/12/02 8:0 a.m.9 views

BlueHat 2023: Applications to Attend NOW OPEN!

We are excited to announce that applications to attend BlueHat 2023 are now open We are excited to announce that applications to attend BlueHat 2023 are now open BlueHat 2023 will be the 20th version of the BlueHat conference and will once again be on the Microsoft campus in Redmond, WA, USA, fro...

2.9AI score
Exploits0
MSRC
MSRC
added 2022/11/01 7:0 a.m.9 views

Microsoft Mitigates Vulnerability in Jupyter Notebooks for Azure Cosmos DB

Summary Microsoft recently fixed an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB currently in preview reported by Orca Security. Customers not using Jupyter Notebooks 99.8% of Azure Cosmos DB customers do NOT use Jupyter notebooks were not susceptible to this...

7.5AI score
Exploits0
MSRC
MSRC
added 2022/09/30 7:0 a.m.9 views

Microsoft Exchange サーバーのゼロデイ脆弱性報告に関するお客様向けガイダンス

本ブログは、Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Serverの抄訳版です。最新の情報は原文を参照してくだ...

1.7AI score
Exploits0
MSRC
MSRC
added 2022/08/09 7:0 a.m.9 views

2022 年 8 月のセキュリティ更新プログラム (月例)

2022 年 8 月 9 日(米国時間)、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ...

0.3AI score
Exploits0
MSRC
MSRC
added 2022/07/19 7:0 a.m.9 views

Congratulations to the Top MSRC 2022 Q2 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2022 Q2 Security Researcher Leaderboard are: Yuki Chen...

1.4AI score
Exploits0
MSRC
MSRC
added 2022/06/24 7:0 a.m.9 views

A Man of Action: Meet Callum Carney

Hidden Talents : He was a competitive swimmer for many years. Instrument of Choice : His fingers were made for the keyboard, but he used to play the trumpet. 5 pieces of entertainment for the rest of his life : The Office, World War Z, The Matrix, Breaking Bad, The Thick of It...

1.8AI score
Exploits0
MSRC
MSRC
added 2022/05/13 7:0 a.m.9 views

Anatomy of a Security Update

The Microsoft Security Response Center is part of the defender community and on the front line of security response for our customers and the company. Our mission is to protect customers and Microsoft from current and emerging threats related to security and privacy. We monitor threats and provid...

6.9AI score
Exploits0
MSRC
MSRC
added 2022/04/21 7:0 a.m.9 views

Congratulations and New Swag Awards for the Top MSRC 2022 Q1 Security Researchers!

Today, we are excited to recognize this quarter’s Microsoft Researcher Recognition Program leaderboard and share new swag awards and improvements to the leaderboard. Congratulations and thank you to everyone for your hard work and continued partnership to secure customers. The top three researche...

6.9AI score
Exploits0
MSRC
MSRC
added 2022/04/14 7:0 a.m.9 views

Expanding High Impact Scenario Awards for Microsoft Bug Bounty Programs

We are excited to announce the addition of scenario-based bounty awards to the Dynamics 365 and Power Platform Bounty Program and M365 Bounty Program. Through these new scenario-based bounty awards, we encourage researchers to focus their research on vulnerabilities that have the highest potentia...

0.8AI score
Exploits0
MSRC
MSRC
added 2022/03/01 8:0 a.m.9 views

ウクライナにおけるサイバー脅威アクティビティ: 分析とリソース

本ブログは、Cyber threat activity in Ukraine: analysis and resources – Microsoft Security Response Center の抄訳版です。最新の情報は原文を参照してください。 2022 年...

1.7AI score
Exploits0
MSRC
MSRC
added 2022/01/11 8:0 a.m.9 views

Coming Soon: New Security Update Guide Notification System

Sharing information through the Security Update Guide is an important part of our ongoing effort to help customers manage security risks and keep systems protected. Based on your feedback we have been working to make signing up for and receiving Security Update Guide notifications easier. We are...

0.8AI score
Exploits0
MSRC
MSRC
added 2021/12/22 8:0 a.m.9 views

Azure App Service Linux source repository exposure

MSRC was informed by Wiz.io, a cloud security vendor, under Coordinated Vulnerability Disclosure CVD of an issue where customers can unintentionally configure the .git folder to be created in the content root, which would put them at risk for information disclosure. This, when combined with an...

1.9AI score
Exploits0
MSRC
MSRC
added 2021/11/21 8:0 a.m.9 views

セキュリティ更新プログラム リリース スケジュール (2022 年)

2022 年のセキュリティ更新プログラムの公開予定日は下記のとおりです。更新プログラムの評価、テスト、適用の...

0.3AI score
Exploits0
MSRC
MSRC
added 2021/10/18 7:0 a.m.9 views

New High Impact Scenarios and Awards for the Azure Bounty Program

Microsoft is excited to announce new Azure Bounty Program awards up to $60,000 to encourage and reward vulnerability research focused on the highest potential impact to customer security. These increased awards are a part of our ongoing investment in partnership with the security research...

6.8AI score
Exploits0
MSRC
MSRC
added 2021/10/13 7:0 a.m.9 views

Power Platform is Here! Introducing the Dynamics 365 and Power Platform Bug Bounty Program

Microsoft is excited to announce the addition of Power Platform to the newly rebranded Dynamics 365 and Power Platform Bounty Program. Through this expanded program, we encourage researchers to discover and report high impact security vulnerabilities they may find in the new Power Platform scope ...

7AI score
Exploits0
MSRC
MSRC
added 2021/08/04 7:0 a.m.9 views

Congratulations to the MSRC 2021 Most Valuable Security Researchers!

The MSRC Researcher Recognition Program offers public thanks and acknowledgement to the researchers who help protect customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s Most Valuable Security...

1AI score
Exploits0
MSRC
MSRC
added 2021/07/29 7:0 a.m.9 views

Security Update Validation Program (SUVP) に関するよくあるお問い合わせ

本記事は「Security Update Validation Program: the early bird tests the worm」の日本語抄訳です。 Security Update Validation Program SUVP、セキュリテ...

1.5AI score
Exploits0
MSRC
MSRC
added 2021/07/13 7:0 a.m.9 views

2021 年 7 月のセキュリティ更新プログラム (月例)

2021 年 7 月 14 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2021/03/02 8:0 a.m.9 views

On-Premises Exchange Server Vulnerabilities Resource Center - updated March 25, 2021

On March 2nd, we released several security updates for Microsoft Exchange Server to address vulnerabilities that are being used in ongoing attacks. Due to the critical nature of these vulnerabilities, we recommend that customers protect their organizations by applying the patches immediately to...

7.1AI score
Exploits0
MSRC
MSRC
added 2021/02/10 8:0 a.m.9 views

MSRC Security Researcher Recognition: 2021

Wondering how to get into the 2021 MSRC Most Valuable Security Researcher list and get recognized during the Black Hat USA this August? Read on to learn more about the different paths you can take to get into the top researcher tiers. The MSRC Most Valuable Security Researcher MVR and MSRC...

6.9AI score
Exploits0
MSRC
MSRC
added 2021/02/09 8:0 a.m.9 views

2021 年 2 月のセキュリティ更新プログラム (月例)

2021 年 2 月 10 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2021/01/14 8:0 a.m.9 views

Top MSRC 2020 Q4 Security Researchers – Congratulations!

We’re excited to announce the top contributing researchers for the 2020 Fourth Quarter Q4! Congratulations to all of the researchers who made this quarter’s leaderboard and a huge thank you to everyone who continues to help secure our customers and the ecosystem. The top three researchers of the...

6.9AI score
Exploits0
MSRC
MSRC
added 2020/12/31 8:0 a.m.9 views

Microsoft Internal Solorigate Investigation Update

As we said in our recent blog, we believe the Solorigate incident is an opportunity to work together in important ways, to share information, strengthen defenses and respond to attacks. Like other SolarWinds customers, we have been actively looking for indicators of the Solorigate actor and want ...

7.1AI score
Exploits0
MSRC
MSRC
added 2020/12/17 8:0 a.m.9 views

[IT 管理者向け] CVSS を読み解いて脆弱性をより正しく理解する

新しいバージョンのセキュリティ更新プログラムについては下記の関連ブログもご覧ください。 「新しいセキュ...

0.7AI score
Exploits0
MSRC
MSRC
added 2020/10/13 7:0 a.m.9 views

2020 年 10 月のセキュリティ更新プログラム (月例)

2020 年 10 月 14 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/10/06 7:0 a.m.9 views

Concluding the Azure Sphere Security Research Challenge, Microsoft Awards $374,300 to Global Security Research Community

The Azure Sphere Security Research Challenge brought together 70 researchers from 21 countries to help secure Azure Sphere customers and expand Microsoft’s partnerships with the global IoT security research community. During the three-month Azure Sphere Security Research Challenge, researchers...

0.2AI score
Exploits0
MSRC
MSRC
added 2020/09/21 7:0 a.m.9 views

What to Expect When Reporting Vulnerabilities to Microsoft

At the Microsoft Security Response Center’s MSRC, our primary mission is to help protect our customers. One of the ways we do this is by working with security researchers to discover security vulnerabilities in our services and products, and then making sure those that pose a threat to customers...

6.9AI score
Exploits0
MSRC
MSRC
added 2020/09/21 7:0 a.m.9 views

New and improved Security Update Guide!

We’re excited to announce a significant update to the Security Update Guide, our one-stop site for information about all security updates provided by Microsoft. This new version will provide a more intuitive user experience to help protect our customers regardless of what Microsoft products or...

2.7AI score
Exploits0
MSRC
MSRC
added 2020/09/21 7:0 a.m.9 views

What to Expect When Reporting Vulnerabilities to Microsoft

At the Microsoft Security Response Center’s MSRC, our primary mission is to help protect our customers. One of the ways we do this is by working with security researchers to discover security vulnerabilities in our services and products, and then making sure those that pose a threat to customers...

1.6AI score
Exploits0
MSRC
MSRC
added 2020/08/17 7:0 a.m.9 views

Control Flow Guard for Clang/LLVM and Rust

As part of our ongoing efforts towards safer systems programming, we’re pleased to announce that Windows Control Flow Guard CFG support is now available in the Clang C/C++ compiler and Rust. What is Control Flow Guard? CFG is a platform security technology designed to enforce control flow...

7.3AI score
Exploits0
MSRC
MSRC
added 2020/08/05 7:0 a.m.9 views

Congratulations to the MSRC’s 2020 Most Valuable Security Researchers

Today we announce our Most Valuable Security Researchers for 2020! The MSRC Researcher Recognition program is an integral aspect of recognizing the ongoing partnerships with our community of talented security researchers who report through Coordinated Vulnerability Disclosure CVD. These...

1.8AI score
Exploits0
MSRC
MSRC
added 2020/08/04 7:0 a.m.9 views

Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards

Security researchers are a vital component of the cybersecurity ecosystem that safeguards every facet of digital life and commerce. The researchers who devote time to uncovering and reporting security issues before adversaries can exploit them have earned our collective respect and gratitude. The...

2.4AI score
Exploits0
MSRC
MSRC
added 2020/08/03 7:0 a.m.9 views

Microsoft Joins Open Source Security Foundation

Microsoft has invested in the security of open source software for many years and today I’m excited to share that Microsoft is joining industry partners to create the Open Source Security Foundation OpenSSF, a new cross-industry collaboration hosted at the Linux Foundation. The OpenSSF brings...

6.8AI score
Exploits0
MSRC
MSRC
added 2020/07/01 7:0 a.m.9 views

マルウェア感染が判明した場合の対応ステップ

昨今、働き方の変化に伴い、BYOD Bring Your Own Device 端末のご利用やリモートワークの必要性が増加しています。それ...

2.2AI score
Exploits0
MSRC
MSRC
added 2020/06/01 7:0 a.m.9 views

Machine Learning Security Evasion Competition 2020 Invites Researchers to Defend and Attack

Machine learning ML is an increasingly valuable tool in cyber security as adversaries continually evolve their tactics and techniques to evade detection. As machine learning has advanced and sophisticated ML models have been developed to assist security professionals in protecting the cloud,...

3.3AI score
Exploits0
MSRC
MSRC
added 2020/04/29 7:0 a.m.9 views

The Safety Boat: Kubernetes and Rust

Our team, DeisLabs, recently released a new piece of software called Krustlet, which is a tool for running WebAssembly modules on the popular, open-source container management tool called Kubernetes. Kubernetes is used quite extensively to run cloud software across many vendors and companies and ...

6.9AI score
Exploits0
MSRC
MSRC
added 2020/04/14 7:0 a.m.9 views

2020 年 4 月のセキュリティ更新プログラム (月例)

2020 年 4 月 15 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/02/24 8:0 a.m.9 views

Calling for security research in Azure Sphere, now generally available

Today, Microsoft released Azure Sphere into General Availability GA. Azure Sphere’s mission is to empower every organization on the planet to connect and create secured and trustworthy IoT devices. Azure Sphere is an end-to-end solution for securely connecting existing equipment and for creating...

7AI score
Exploits0
MSRC
MSRC
added 2020/02/10 8:0 a.m.9 views

[サイバーセキュリティ月間2020] マイクロソフト セキュリティパッチのきほん②

※ 2020 年 11 月に、セキュリティ更新プログラム ガイドがリニューアルしています。新しいセキュリティ更新プログ...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/01/22 8:0 a.m.9 views

カスタマー サポート データベースのアクセス構成の誤りについて

本記事は、Microsoft Security Response Center ブログ “Access Misconfiguration for Customer Support Database” 2020 年 1 月 22 日 米国時間...

1AI score
Exploits0
Total number of security vulnerabilities1366