1371 matches found
Guidance for CVE-2022-23278 spoofing in Microsoft Defender for Endpoint
Microsoft released a security update to address CVE-2022-23278 in Microsoft Defender for Endpoint. This important class spoofing vulnerability impacts all platforms. We wish to thank Falcon Force for the collaboration on addressing this issue through coordinated vulnerability disclosure...
Guidance related to Secure Boot Manager changes associated with CVE-2023-24932
Summary Summary Today, Microsoft is releasing CVE-2023-24932, and associated configuration guidance, to address a Secure Boot bypass vulnerability used by the BlackLotus bootkit to exploit CVE-2022-21894. Customers will need to closely follow the configuration guidance to fully protect against th...
Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities
This guidance will help customers address threats taking advantage of the recently disclosed Microsoft Exchange Server on-premises vulnerabilities CVE-2021-26855, CVE-2021-26858, CVE-2021-26857, and CVE-2021-27065, which are being exploited. We strongly urge customers to immediately update system...
Microsoft Announces Top Three Contributing Partners in the Microsoft Active Protections Program (MAPP)
Today Microsoft announced the MAPP program Top Vulnerability Contributors, Top Threat Indicator Submitters, and Top Zero-Day Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through cooperation and...
Time zone updates for Brazil are available for 2019/2020
The June 2019 update provides below changes for Brazil Daylight Savings Time DST. Brazil has decided to no longer follow DST. DST won’t start on the first Sunday of November 2019 as previously scheduled. More details about latest DST changes for Brazil can be found here. To reflect these changes...
Attacks exploiting Netlogon vulnerability (CVE-2020-1472)
Microsoft has received a small number of reports from customers and others about continued activity exploiting a vulnerability affecting the Netlogon protocol CVE-2020-1472 which was previously addressed in security updates starting on August 11, 2020. If the original guidance is not applied, the...
Clarified Guidance for CVE-2021-34527 Windows Print Spooler Vulnerability
On Tuesday July 6, 2021, Microsoft issued CVE-2021-34527 regarding a Windows Print Spooler vulnerability. Updates were released on July 6 and 7 which addressed the vulnerability for all supported Windows versions. We encourage customers to update as soon as possible. CVE-2021-34527 - Windows Prin...
Microsoft Launches a New Recognition Program for MAPP Partners
There are many dedicated people and organizations who contribute to the protection and security of our common customers. For years, Microsoft has recognized security researchers for helping protect the ecosystem. Now, we’re announcing the launch of a new program to better recognize and thank...
Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability
UPDATE July 12, 2022: As part of the response by Microsoft, a defense in depth variant has been found and fixed in the Windows July cumulative updates. Microsoft recommends installing the July updates as soon as possible. Windows Version Link to KB article LInk to Catalog Windows 8.1, Windows...
2019 年 7 月のセキュリティ更新プログラム (月例)
2019 年 7 月 10 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しました。...
Vulnerability mitigated in the third-party Data Connector used in Azure Synapse pipelines and Azure Data Factory (CVE-2022-29972)
Summary Microsoft recently mitigated a vulnerability in Azure Data Factory and Azure Synapse pipelines. The vulnerability was specific to the third-party Open Database Connectivity ODBC driver used to connect to Amazon Redshift in Azure Synapse pipelines and Azure Data Factory Integration Runtime...
How Microsoft defends against indirect prompt injection attacks
Summary The growing adoption of large language models LLMs in enterprise workflows has introduced a new class of adversarial techniques: indirect prompt injection. Indirect prompt injection can be used against systems that leverage large language models LLMs to process untrusted data...
Awareness and guidance related to OpenSSL 3.0 – 3.0.6 risk (CVE-2022-3786 and CVE-2202-3602)
Summary Microsoft is aware and actively addressing the impact associated with the recent OpenSSL vulnerabilities announced on October 25th 2022, fixed in version 3.0.7. As part of our standard processes, we are rolling out fixes for impacted services. Any customer action that is required will be...
Acquiring a VHD to Investigate
In a previous post we described some of the differences between on-premises/physical forensics and cyber investigations and those performed in the cloud, and how this can make cloud forensics challenging. That blog post described a method of creating and maintaining a VM image which can be...
CVE-2023-24932 に関連するセキュア ブート マネージャーの変更に関するガイダンス
本ブログは、Guidance related to Secure Boot Manager changes associated with CVE-2023-24932 の抄訳版です。最新の情報は原文を参照してください。 概要...
Congratulations and New Swag Awards for the Top MSRC 2022 Q1 Security Researchers!
Today, we are excited to recognize this quarter’s Microsoft Researcher Recognition Program leaderboard and share new swag awards and improvements to the leaderboard. Congratulations and thank you to everyone for your hard work and continued partnership to secure customers. The top three researche...
Calling all breakers & builders: BlueHat Seattle registration is open!
Exciting changes are coming to BlueHat Seattle 2019! If you’d like to attend this premier security conference, we have good news for you: registration for BlueHat Seattle is now open and we hope you register. Wait, isn't BlueHat invitation-only? It is…but if we haven’t sent you an invitation, we...
January 2019 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...
Windows Print Spooler の脆弱性情報 (CVE-2021-34527) に対するセキュリティ更新プログラムの定例外での公開
2021 年 7 月 7 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを定例外で公...
2019 年 8 月のセキュリティ更新プログラム (月例)
2019 年 8 月 14 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しました。 The post 2019 年 8 月のセキュリティ更新プログラム 月例 appeared first on Microsoft Security Response Center...
It’s Official – The Way We Recognize Our Security Researchers
We deeply appreciate the partnership of the many talented security researchers who report vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure. We pay bounties for research in key areas, and each year at Black Hat USA, we’ve recognized the most impactful researchers helping t...
Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149)
This week, MSRC confirmed the presence of an active Linux worm leveraging a critical Remote Code Execution RCE vulnerability, CVE-2019-10149, in Linux Exim email servers running Exim version 4.87 to 4.91. Microsoft Azure infrastructure and Services are not affected; only customer’s Linux IaaS...
Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)
Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol RDP itself is not vulnerable. This vulnerability is...
Netlogon Domain Controller Enforcement Mode is enabled by default beginning with the February 9, 2021 Security Update, related to CVE-2020-1472
Microsoft addressed a Critical RCE vulnerability affecting the Netlogon protocol CVE-2020-1472 on August 11, 2020. We are reminding our customers that beginning with the February 9, 2021 Security Update release we will be enabling Domain Controller enforcement mode by default. This will block...
KVA Shadow: Mitigating Meltdown on Windows
On January 3rd, 2018, Microsoft released an advisory and security updates that relate to a new class of discovered hardware vulnerabilities, termed speculative execution side channels, that affect the design methodology and implementation decisions behind many modern microprocessors. This post...
マイクロソフトは Outlook の 特権昇格の脆弱性を緩和します
本ブログは、Microsoft Mitigates Outlook Elevation of Privilege Vulnerability の抄訳版です。最新の情報は原文を参照してください。 2023 年 5 月...
April 2021 Update Tuesday packages now available
Update August 25, 2021: Microsoft strongly recommends that you update your servers with the most recent security updates available. CVE-2021-34473 ProxyShell CVE-2021-34523 ProxyShell CVE-2021-33766 Today is Update Tuesday – our commitment to provide a predictable monthly schedule to release...
Announcing 2019 MSRC Most Valuable Security Researchers
Earlier today we announced MSRC’s 2018-2019 Most Valuable Security Researchers at Black Hat. The following 75 researchers hail from all corners of the world and possess varied experience and skills, yet all of them have contributed to securing the Microsoft’s customers and the broader ecosystem...
An intern’s experience with Rust
Over the course of my internship at the Microsoft Security Response Center MSRC, I worked on the safe systems programming languages SSPL team to promote safer languages for systems programming where runtime overhead is important, as outlined in this blog. My job was to port a security critical...
Meet the MSRC at Black Hat 2019
We’re getting close to Black Hat, and we hope to see you there. Here’s where you can find members of the Microsoft Security Response Center if you’d like to say hello, ask a question about a report you made, discuss a recent blog article, or just show us pictures of your dog. Wednesday, August 7 ...
Microsoft’s Response to CVE-2021-44228 Apache Log4j 2
Published on: 2021 Dec 11, updated 2022 Apr 6. SUMMARY SUMMARY Microsoft continues our analysis of the remote code execution vulnerabilities related to Apache Log4j a logging tool used in many Java-based applications disclosed on 9 Dec 2021. Currently, Microsoft is not aware of any impact, outsid...
CVE-2021-44228 Apache Log4j 2 に対するマイクロソフトの対応
本ブログは、Microsoft’s Response to CVE-2021-44228 Apache Log4j 2 の抄訳版です。最新の情報は、元記事を参照してください。...
Congratulating Our Top MSRC 2021 Q1 Security Researchers!
We’re excited to announce the top contributing researchers for the 2021 First Quarter Q1! Congratulations to all the researchers recognized in this quarter’s leaderboard and thank you to everyone who continues to help secure our customers and the ecosystem. The top three researchers of the 2021 Q...
MSRC is going to ROOTCON!
The Microsoft Security Response Center MSRC works with partners all over the world to protect Microsoft customers. This week we’re headed to the Philippines to meet security researchers and bounty hunters at ROOTCON 13! Planning on attending ROOTCON? If you want to learn more about how you can ea...
August 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...
2023 年 3 月のセキュリティ更新プログラム (月例)
2023 年 3 月 14 日 米国時間 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ...
Microsoft Bug Bounty Programs Year in Review: $13.6M in Rewards
Partnering with the security research community is an important part of Microsoft’s holistic approach to defending against security threats. Bug bounty programs are one part of this partnership. By discovering and reporting vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure...
Investigating and Mitigating Malicious Drivers
The security landscape continues to rapidly evolve as threat actors find new and innovative methods to gain access to environments across a wide range of vectors. As the industry moves closer to the adoption of a Zero Trust security posture with broad and layered defenses, we remain committed to...
Microsoft Internal Solorigate Investigation Update
As we said in our recent blog, we believe the Solorigate incident is an opportunity to work together in important ways, to share information, strengthen defenses and respond to attacks. Like other SolarWinds customers, we have been actively looking for indicators of the Solorigate actor and want ...
February 2019 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...
Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server
November 8, 2022 update - Microsoft released security updates for CVE-2022-41040 and CVE-2022-41082. We recommend that customers protect their organizations by applying the updates immediately to affected systems. The options described in the Mitigations section are no longer recommended. For mor...
Designing a COM library for Rust
I interned with Microsoft as a Software Engineering Intern in the MSRC UK team in Cheltenham this past summer. I worked in the Safe Systems Programming Language SSPL group, which explores safe programming languages as a proactive measure against memory-safety related vulnerabilities. This blog po...
What’s new in the MSRC Report Abuse Portal and API
The Microsoft Security Response Center MSRC has always been at the forefront of addressing cyber threats, privacy issues, and abuse arising from Microsoft Online Services. Building on our commitment, we have introduced several updates to the Report Abuse Portal and API, which will significantly...
TCP/IP に影響を与える脆弱性情報に関する注意喚起
「Multiple Security Updates Affecting TCP/IP: CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086」の日本語抄訳です。 2021 年 2 月 9 日 日本時...
November 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...
Standing behind “MSRC Listens”
Last week at BlueHat’s “MSRC Listens” session, I took the stage with Mechele Gruhn, manager of the Vulnerability Response PM team, to explain how MSRC is changing our communication, workflows, and tooling to deliver an improved user experience for our partners in the security research community. ...
Recognizing Q3 Top 5 Bounty Hunters
Throughout the year, security researchers submit some amazing work to us under the Microsoft Bug Bounty program. Starting this quarter, we want to give a shout out to and acknowledge the hard work and dedication of the following individuals and companies who have contributed to securing Microsoft...
April 2018 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...
Advance Notification Service for the June 2014 Security Bulletin Release
Today we provide advance notification for the release of seven Bulletins, two rated Critical and five rated Important in severity. These Updates are for Microsoft Windows, Microsoft Office and Internet Explorer. The Update for Internet Explorer addresses CVE-2014-1770, which we have not seen used...
CVE-2022-22965 Spring Framework に対するマイクロソフトの対応
本ブログは、Microsoft’s Response to CVE-2022-22965 Spring Framework の抄訳版です。最新の情報は原文を参照してください。 概要 概...