Inside the MSRC – Building your own security incident response process

This is the third and last in a series of posts that looks at how Microsoft responds to elevated threats to customers through the Microsoft Security Response Center’s MSRC Software and Services Incident Response Plan SSIRP. Our previous posts discussed how Microsoft protects customers against...

Inside the MSRC – Customer-centric incident response

The Microsoft Security Response Center MSRC is an integral part of Microsoft’s Cyber Defense Operations Center CDOC that brings together security response experts from across the company to help protect, detect, and respond to threats in real-time. Staffed with dedicated teams 24x7, the CDOC has...

Time travel debugging: It’s a blast! (from the past)

The Microsoft Security Response Center MSRC works to assess vulnerabilities that are externally reported to us as quickly as possible, but time can be lost if we have to confirm details of the repro steps or environment with the researcher to reproduce the vulnerability. Microsoft has made our...

Join Microsoft Security Response at the Product Security Operations forum at LocoMocoSec!

The MSRC is more than managing vulnerability reports, publishing Microsoft security updates, and defending the cloud. The MSRC is passionate about helping everyone improve internal engineering practices and supporting the defender community, and are excited to partner with Blackberry to host a...

Local privilege escalation via the Windows I/O Manager: a variant finding collaboration

The Microsoft Security Response Center MSRC investigates all reports of security vulnerabilities affecting Microsoft products and services to help make our customers and the global online community more secure. We appreciate the excellent vulnerability research reported to us regularly from the...

2019 年 2 月のセキュリティ更新プログラム (月例)

2019 年 2 月 13 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

Windows Update の利用手順 - Windows 8.1 の場合

本ブログ記事は初級レベルから中級レベルのコンピューター ユーザーを対象にしています。 Windows 10 をお使いのお客...

[セキュリティ基本対策 5 か条] 第 5 条 バックアップの取得を設定する

注: この内容は一般の方を対象とした記述にしています。 今日はセキュリティ基本対策 5 か条の第 5 条「バック...

October 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...

[セキュリティ基本対策 5 か条] 第 2 条 アクション センターで PC のセキュリティやメンテナンス状況に問題がないかを確認する

注: この内容は一般の方を対象とした記述にしています。 今日はセキュリティ基本対策 5 か条の第 2 条「アクシ...

2018 年 9 月のセキュリティ更新プログラム (月例)

2018 年 9 月 12 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

September 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...

Inside MSRC: Sharing Our Story & Customer Tips

For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...

2018 年 8 月のセキュリティ更新プログラム (月例)

2018 年 8 月 15 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

2018 年 5 月のセキュリティ更新プログラム (月例)

2018 年 5 月 9 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

「Emotet」の大規模感染を阻止した人工知能のしくみ

本記事は、Microsoft Secure のブログ “How artificial intelligence stopped an Emotet outbreak” 2018 年 2 月 14 日 米国時間公開...

挙動監視と機械学習で大規模な「Dofoil」によるコイン マイニング攻撃を阻止

本記事は、Microsoft Secure のブログ “Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign” 2018 年...

投機的実行に関する報奨金プログラムの開始

本記事は、Microsoft Security Response Center のブログ “Speculative Execution Bounty Launch” 2016 年 3 月 14 日 米国...

Speculative Execution Bounty Launch

Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat...

February 2018 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

November 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

October 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

VulnScan – Automated Triage and Root Cause Analysis of Memory Corruption Issues

The Microsoft Security Response Center MSRC receives reports about potential vulnerabilities in our products and it’s the job of our engineering team to assess the severity, impact, and root cause of these issues. In practice, a significant proportion of these reports turn out to be memory...

MSRC の 2017 年 “トップ 100 人” セキュリティ研究者一覧

本記事は、Microsoft Security Response Center のブログ “The MSRC 2017 list of “Top 100” security researchers”...

2017 年 8 月のセキュリティ更新プログラム (月例)

2017 年 8 月 9 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

The MSRC 2017 list of “Top 100” security researchers

Security researchers play an essential role in Microsoft’s security strategy and are key to community-based defense. To show our appreciation for their hard work and partnership, each year at BlackHat North America, the Microsoft Security Response Center highlights contributions of these...

Announcing the Windows Bounty Program

Windows 10 represents the best and newest in our strong commitment to security with world-class mitigations. One of Microsoft’s longstanding strategies toward improving software security involves investing in defensive technologies that make it difficult and costly for attackers to find, exploit...

EnglishmansDentist Exploit Analysis

Introduction We are continuing our series of blog posts dissecting the exploits released by ShadowBrokers in April 2017. After the first two posts about the SMB exploits known as EternalChampion and EternalSynergy, we’ll move this time to analyze a different tool and we’ll focus on the exploit...

July 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

Tales from the MSRC: from pixels to POC

Is this thing still on? It’s been a while since we’ve posted to this blog and we think it’s time to start posting deep technical content about Security Research & Defense SRD again. For readers who are new or may have forgotten, this blog is the home of the MSRC Vulnerabilities & Mitigations...

BlueHat v17 Call for Papers Opens

Calling security professionals and enthusiasts throughout the world. Microsoft is pleased to open the Call for Papers for our BlueHat v17 Security Conference. Potential speakers have from June 1st through August 18th to submit abstract proposals for this unique opportunity. As in past events, we...

Extending Microsoft Edge Bounty Program

Over the past 10 months, we’ve paid out more than $200,000 USD in bounties to researchers reporting vulnerabilities through the Microsoft Edge Bounty Program. Partnering with the research community has helped improve Microsoft Edge security, and to continue this collaboration, today we're extendi...

Customer Guidance for WannaCrypt attacks

Microsoft solution available to protect additional products Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painfu...

Customer Guidance for WannaCrypt attacks

Microsoft solution available to protect additional products Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painfu...

Coming together to address Encapsulated PostScript (EPS) attacks

Today’s security updates include three updates that exemplify how the security ecosystem can come together to help protect consumers and enterprises. We would like to thank FireEye and ESET for working with us. Customers that have the latest security updates installed are protected against the...

2017 年 4 月のセキュリティ更新プログラム (月例)

2017 年 4 月 12 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

SHA-1 Collisions Research

Today, a group of eight researchers from across the security industry released a research report on SHA-1 that demonstrates for the first time, a “hash collision” for the full SHA-1 hash algorithm called “SHAttered”. This is a significant step toward understanding this type of security issue, a...

Adobe Flash Player security vulnerability release

Today, we released an Adobe Flash Player security update to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about these updates can be found on the Security Update Guide. MSRC team...

2016 年 12 月のセキュリティ情報 (月例) - MS16-144 ～ MS16-155

2016 年 12 月 14 日 日本時間、マイクロソフトは計 12 件 緊急 6 件、重要 6 件 の新規セキュリティ情報を公開し...

Moving Beyond EMET

EMET – Then and Now Microsoft’s Trustworthy Computing initiative was 7 years old in 2009 when we first released the Enhanced Mitigation Experience Toolkit EMET. Despite substantial improvements in Windows OS security during that same period, it was clear that the way we shipped Windows at the tim...

Update to the Microsoft Edge Web Platform on Windows Insider Preview Bug Bounty Program terms

On August 4, 2016 we launched a bounty program that targets Remote Code Execution RCE vulnerabilities in Microsoft Edge on the Windows Insider Preview Slow WIP slow. Today, we will be making additions to this bounty program. Since security is a continuous effort and not a destination, we prioriti...

Microsoft Bounty Program expansion - .NET Core and ASP.NET RC2 Beta Bounty

Today I have another exciting expansion of the Microsoft Bounty Program. Please visit https://aka.ms/BugBounty to find out more. As we approach release for .NET Core and ASP.NET, we would like to get even more feedback from the security research community. We are offering a bounty on the .NET Cor...

Announcing BlueHat v15 Conference

We are happy to announce the 15th version of the Microsoft BlueHat Security Conference set for January 12-13, 2016. The annual security conference brings internal and external speakers to educate and engage Microsoft’s engineering community and their executives. Work is under way currently to set...

What makes a good Microsoft Defense Bounty submission?

One of Microsoft’s longstanding strategies toward improving software security continues to involve investing in defensive technologies that make it difficult and costly for attackers to exploit vulnerabilities. These solutions generally have a broad and long lasting impact on software security...

September 2015 Security Update Release Summary

Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Librar...

Out-of-band release for Security Bulletin MS15-078

Today, we released a security bulletin to provide an update for Microsoft Windows. Customers who have automatic updates enabled or apply the update, will be protected. We recommend customers apply the update as soon as possible, following the directions in the security bulletin. More information...

July 2015 Security Updates

Today we released security updates for Microsoft Windows, Microsoft Office, Microsoft SQL Server, and Internet Explorer. As a best practice, we encourage customers to apply security updates as soon as they are released. For more information about this month’s security updates and advisories visit...

April 2015 Updates

Today, as part of Update Tuesday, we released 11 security bulletins. We encourage customers to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploitability Index XI, visit the Microsoft Bulletin Summary webpage. If you are...

Security Advisory 3046015 released

Today, we released Security Advisory 3046015 to provide guidance to customers in response to the SSL/TLS issue referred to by researchers as “FREAK” Factoring attack on RSA-EXPORT Keys. Our investigation continues and we’ll take the necessary steps to protect our customers. MSRC Team...

December 2014 Updates

Today, as part of Update Tuesday, we released seven security updates – three rated Critical and four rated Important in severity, to address 24 unique Common Vulnerabilities and Exposures CVEs in Microsoft Windows, Internet Explorer IE, Office and Exchange. We encourage you to apply all of these...