Lucene search
K
MsrcMost viewed

1366 matches found

MSRC
MSRC
added 2019/09/18 7:0 a.m.8 views

Meet the BlueHat Content Advisory Board

We couldn’t do BlueHat without the Content Advisory Board, the brain trust reviewing submissions to the CFP. Representing both Microsoft and other parts of security community, the CAB applies their industry and speaker experience to create the BlueHat agenda that’s the right mix of topics and...

1.6AI score
Exploits0
MSRC
MSRC
added 2019/09/11 7:0 a.m.8 views

Attacking the VM Worker Process

In the past year we invested a lot of time making Hyper-V research more accessible to everyone. Our first blog post, “First Steps in Hyper-V Research”, describes the tools and setup for debugging the hypervisor and examines the interesting attack surfaces of the virtualization stack components. W...

7AI score
Exploits0
MSRC
MSRC
added 2019/08/30 7:0 a.m.8 views

Scalable infrastructure for investigations and incident response

Traditional computer forensics and cyber investigations are as relevant in the cloud as they are in on-premise environments, but the methods in which to access and perform such investigations differ. This post will describe some of the challenges of bringing on-premises forensics techniques to th...

7AI score
Exploits0
MSRC
MSRC
added 2019/08/08 7:0 a.m.8 views

Microsoft Announces Top Three Contributing Partners in the Microsoft Active Protections Program (MAPP)

Today Microsoft announced the MAPP program Top Vulnerability Contributors, Top Threat Indicator Submitters, and Top Zero-Day Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through cooperation and...

6.9AI score
Exploits0
MSRC
MSRC
added 2019/07/30 7:0 a.m.8 views

Recognizing Security Researchers in 2019

Who’s going to be on the Most Valuable Security Researcher list at Black Hat USA 2019? We’re not announcing the names—yet—but this is how we’ll determine who’s there. How do we define the Most Valuable Security Researchers? The list at Black Hat will be the top tier of researchers based on not ju...

7AI score
Exploits0
MSRC
MSRC
added 2019/07/29 7:0 a.m.8 views

It’s Official – The Way We Recognize Our Security Researchers

We deeply appreciate the partnership of the many talented security researchers who report vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure. We pay bounties for research in key areas, and each year at Black Hat USA, we’ve recognized the most impactful researchers helping t...

7.1AI score
Exploits0
MSRC
MSRC
added 2019/07/18 7:0 a.m.8 views

We need a safer systems programming language

In our first post in this series, we discussed the need for proactively addressing memory safety issues. Tools and guidance are demonstrably not preventing this class of vulnerabilities; memory safety issues have represented almost the same proportion of vulnerabilities assigned a CVE for over a...

7.3AI score
Exploits0
MSRC
MSRC
added 2019/07/09 7:0 a.m.8 views

2019 年 7 月のセキュリティ更新プログラム (月例)

2019 年 7 月 10 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/07/09 7:0 a.m.8 views

日本セキュリティチーム ブログ移行のお知らせ

平素より、日本セキュリティチーム ブログをご愛読いただきありがとうございます。 日本セキュリティチーム ブ...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/07/01 7:0 a.m.8 views

Inside the MSRC – Building your own security incident response process

This is the third and last in a series of posts that looks at how Microsoft responds to elevated threats to customers through the Microsoft Security Response Center’s MSRC Software and Services Incident Response Plan SSIRP. Our previous posts discussed how Microsoft protects customers against...

2.2AI score
Exploits0
MSRC
MSRC
added 2019/07/01 7:0 a.m.8 views

Inside the MSRC – Building your own security incident response process

This is the third and last in a series of posts that looks at how Microsoft responds to elevated threats to customers through the Microsoft Security Response Center’s MSRC Software and Services Incident Response Plan SSIRP. Our previous posts discussed how Microsoft protects customers against...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/06/25 7:0 a.m.8 views

Inside the MSRC – Customer-centric incident response

The Microsoft Security Response Center MSRC is an integral part of Microsoft’s Cyber Defense Operations Center CDOC that brings together security response experts from across the company to help protect, detect, and respond to threats in real-time. Staffed with dedicated teams 24x7, the CDOC has...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/03/15 7:0 a.m.8 views

Join Microsoft Security Response at the Product Security Operations forum at LocoMocoSec!

The MSRC is more than managing vulnerability reports, publishing Microsoft security updates, and defending the cloud. The MSRC is passionate about helping everyone improve internal engineering practices and supporting the defender community, and are excited to partner with Blackberry to host a...

1AI score
Exploits0
MSRC
MSRC
added 2019/03/14 7:0 a.m.8 views

Local privilege escalation via the Windows I/O Manager: a variant finding collaboration

The Microsoft Security Response Center MSRC investigates all reports of security vulnerabilities affecting Microsoft products and services to help make our customers and the global online community more secure. We appreciate the excellent vulnerability research reported to us regularly from the...

7AI score
Exploits0
MSRC
MSRC
added 2019/03/13 7:0 a.m.8 views

Call for Papers | Microsoft BlueHat Shanghai 2019

The Microsoft Security Response Center MSRC recently announced our first BlueHat security conference in Shanghai which will take place on May 29-30, 2019. After 15 years of BlueHat events in Redmond, Washington and Israel, we are thrilled to expand to a new location. We work with many talented...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/02/12 8:0 a.m.8 views

2019 年 2 月のセキュリティ更新プログラム (月例)

2019 年 2 月 13 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2018/12/11 8:0 a.m.8 views

December 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

6.7AI score
Exploits0
MSRC
MSRC
added 2018/10/18 7:0 a.m.8 views

Windows Update の利用手順 - Windows 8.1 の場合

本ブログ記事は初級レベルから中級レベルのコンピューター ユーザーを対象にしています。 Windows 10 をお使いのお客...

1.8AI score
Exploits0
MSRC
MSRC
added 2018/10/11 7:0 a.m.8 views

[セキュリティ基本対策 5 か条] 第 5 条 バックアップの取得を設定する

注: この内容は一般の方を対象とした記述にしています。 今日はセキュリティ基本対策 5 か条の第 5 条「バック...

0.3AI score
Exploits0
MSRC
MSRC
added 2018/10/09 7:0 a.m.8 views

October 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...

2.9AI score
Exploits0
MSRC
MSRC
added 2018/09/19 7:0 a.m.8 views

[セキュリティ基本対策 5 か条] 第 2 条 アクション センターで PC のセキュリティやメンテナンス状況に問題がないかを確認する

注: この内容は一般の方を対象とした記述にしています。 今日はセキュリティ基本対策 5 か条の第 2 条「アクシ...

0.4AI score
Exploits0
MSRC
MSRC
added 2018/09/11 7:0 a.m.8 views

September 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...

6.7AI score
Exploits0
MSRC
MSRC
added 2018/09/11 7:0 a.m.8 views

2018 年 9 月のセキュリティ更新プログラム (月例)

2018 年 9 月 12 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2018/09/07 7:0 a.m.8 views

Inside MSRC: Sharing Our Story & Customer Tips

For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...

6.9AI score
Exploits0
MSRC
MSRC
added 2018/08/16 7:0 a.m.8 views

Vulnerability hunting with Semmle QL, part 1

Previously on this blog, we’ve talked about how MSRC automates the root cause analysis of vulnerabilities reported and found. After doing this, our next step is variant analysis: finding and investigating any variants of the vulnerability. It’s important that we find all such variants and patch...

7.7AI score
Exploits0
MSRC
MSRC
added 2018/08/14 7:0 a.m.8 views

2018 年 8 月のセキュリティ更新プログラム (月例)

2018 年 8 月 15 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2018/05/08 7:0 a.m.8 views

2018 年 5 月のセキュリティ更新プログラム (月例)

2018 年 5 月 9 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2018/04/12 7:0 a.m.8 views

「Emotet」の大規模感染を阻止した人工知能のしくみ

本記事は、Microsoft Secure のブログ “How artificial intelligence stopped an Emotet outbreak” 2018 年 2 月 14 日 米国時間公開...

2AI score
Exploits0
MSRC
MSRC
added 2018/04/12 7:0 a.m.8 views

挙動監視と機械学習で大規模な「Dofoil」によるコイン マイニング攻撃を阻止

本記事は、Microsoft Secure のブログ “Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign” 2018 年...

1.9AI score
Exploits0
MSRC
MSRC
added 2018/03/23 7:0 a.m.8 views

投機的実行に関する報奨金プログラムの開始

本記事は、Microsoft Security Response Center のブログ “Speculative Execution Bounty Launch” 2016 年 3 月 14 日 米国...

1.6AI score
Exploits0
MSRC
MSRC
added 2018/03/14 7:0 a.m.8 views

Speculative Execution Bounty Launch

Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat...

1.1AI score
Exploits0
MSRC
MSRC
added 2018/02/13 8:0 a.m.8 views

February 2018 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

7AI score
Exploits0
MSRC
MSRC
added 2017/11/14 8:0 a.m.8 views

November 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

7AI score
Exploits0
MSRC
MSRC
added 2017/10/10 5:0 p.m.8 views

October 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

6.8AI score
Exploits0
MSRC
MSRC
added 2017/10/03 7:0 a.m.8 views

VulnScan – Automated Triage and Root Cause Analysis of Memory Corruption Issues

The Microsoft Security Response Center MSRC receives reports about potential vulnerabilities in our products and it’s the job of our engineering team to assess the severity, impact, and root cause of these issues. In practice, a significant proportion of these reports turn out to be memory...

7.2AI score
Exploits0
MSRC
MSRC
added 2017/08/10 7:0 a.m.8 views

MSRC の 2017 年 “トップ 100 人” セキュリティ研究者一覧

本記事は、Microsoft Security Response Center のブログ “The MSRC 2017 list of “Top 100” security researchers”...

1.3AI score
Exploits0
MSRC
MSRC
added 2017/08/08 7:0 a.m.8 views

2017 年 8 月のセキュリティ更新プログラム (月例)

2017 年 8 月 9 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2017/08/07 7:0 a.m.8 views

The MSRC 2017 list of “Top 100” security researchers

Security researchers play an essential role in Microsoft’s security strategy and are key to community-based defense. To show our appreciation for their hard work and partnership, each year at BlackHat North America, the Microsoft Security Response Center highlights contributions of these...

6.9AI score
Exploits0
MSRC
MSRC
added 2017/07/26 7:0 a.m.8 views

Announcing the Windows Bounty Program

Windows 10 represents the best and newest in our strong commitment to security with world-class mitigations. One of Microsoft’s longstanding strategies toward improving software security involves investing in defensive technologies that make it difficult and costly for attackers to find, exploit...

7AI score
Exploits0
MSRC
MSRC
added 2017/07/20 7:0 a.m.8 views

EnglishmansDentist Exploit Analysis

Introduction We are continuing our series of blog posts dissecting the exploits released by ShadowBrokers in April 2017. After the first two posts about the SMB exploits known as EternalChampion and EternalSynergy, we’ll move this time to analyze a different tool and we’ll focus on the exploit...

7.2AI score
Exploits0
MSRC
MSRC
added 2017/07/11 5:30 p.m.8 views

July 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

6.8AI score
Exploits0
MSRC
MSRC
added 2017/06/29 7:0 a.m.8 views

Eternal Champion Exploit Analysis

Recently, a group named the ShadowBrokers published several remote server exploits targeting various protocols on older versions of Windows. In this post we are going to look at the EternalChampion exploit in detail to see what vulnerabilities it exploited, how it exploited them, and how the late...

7AI score
Exploits0
MSRC
MSRC
added 2017/06/20 7:0 a.m.8 views

Tales from the MSRC: from pixels to POC

Is this thing still on? It’s been a while since we’ve posted to this blog and we think it’s time to start posting deep technical content about Security Research & Defense SRD again. For readers who are new or may have forgotten, this blog is the home of the MSRC Vulnerabilities & Mitigations...

7.3AI score
Exploits0
MSRC
MSRC
added 2017/06/01 7:0 a.m.8 views

BlueHat v17 Call for Papers Opens

Calling security professionals and enthusiasts throughout the world. Microsoft is pleased to open the Call for Papers for our BlueHat v17 Security Conference. Potential speakers have from June 1st through August 18th to submit abstract proposals for this unique opportunity. As in past events, we...

6.8AI score
Exploits0
MSRC
MSRC
added 2017/05/16 7:0 a.m.8 views

Extending Microsoft Edge Bounty Program

Over the past 10 months, we’ve paid out more than $200,000 USD in bounties to researchers reporting vulnerabilities through the Microsoft Edge Bounty Program. Partnering with the research community has helped improve Microsoft Edge security, and to continue this collaboration, today we're extendi...

7.3AI score
Exploits0
MSRC
MSRC
added 2017/05/13 7:0 a.m.8 views

Customer Guidance for WannaCrypt attacks

Microsoft solution available to protect additional products Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painfu...

4.4AI score
Exploits0
MSRC
MSRC
added 2017/05/13 7:0 a.m.8 views

Customer Guidance for WannaCrypt attacks

Microsoft solution available to protect additional products Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painfu...

7AI score
Exploits0
MSRC
MSRC
added 2017/05/09 7:0 a.m.8 views

Coming together to address Encapsulated PostScript (EPS) attacks

Today’s security updates include three updates that exemplify how the security ecosystem can come together to help protect consumers and enterprises. We would like to thank FireEye and ESET for working with us. Customers that have the latest security updates installed are protected against the...

6.9AI score
Exploits0
MSRC
MSRC
added 2017/02/23 8:0 a.m.8 views

SHA-1 Collisions Research

Today, a group of eight researchers from across the security industry released a research report on SHA-1 that demonstrates for the first time, a “hash collision” for the full SHA-1 hash algorithm called “SHAttered”. This is a significant step toward understanding this type of security issue, a...

1.1AI score
Exploits0
MSRC
MSRC
added 2017/02/21 8:0 a.m.8 views

Adobe Flash Player security vulnerability release

Today, we released an Adobe Flash Player security update to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about these updates can be found on the Security Update Guide. MSRC team...

6.7AI score
Exploits0
Total number of security vulnerabilities1366