Lucene search
K
MsrcMost viewed

1366 matches found

MSRC
MSRC
added 2022/09/01 7:0 a.m.7 views

Azure Synapse Spark で修正された脆弱性について

本ブログは、Vulnerability Fixed in Azure Synapse Spark の抄訳版です。最新の情報は原文を参照してください。 概...

1.3AI score
Exploits0
MSRC
MSRC
added 2022/09/01 7:0 a.m.7 views

Vulnerability Fixed in Azure Synapse Spark

Summary Microsoft takes a proactive approach to continually probe our defenses, hunt for vulnerabilities, and seek new, innovative ways to protect our customers. Security researchers are an important part of this effort, and our collaborative partnership is critical in a world where cybersecurity...

7.2AI score
Exploits0
MSRC
MSRC
added 2022/08/08 7:0 a.m.7 views

Microsoft Office to publish symbols starting August 2022

We are excited to announce that Microsoft Office will begin publishing Office symbols for Windows via the Microsoft Public Symbol Server on August 9th 2022. The publication of Office symbols is a part of our continuing investment to improve security and performance for customers and partners. Key...

7.3AI score
Exploits0
MSRC
MSRC
added 2022/07/13 7:0 a.m.7 views

All Hands-on Deck: A Whole-of-Society Approach for Cybersecurity

The morning of June 9th, I was driving over the Golden Gate Bridge into San Francisco with my family. While crossing the bridge my children shared some facts about this modern engineering marvel. Each day, approx. 100,000 vehicles travel over the bridge deck, which weighs a staggering 150,000 ton...

7AI score
Exploits0
MSRC
MSRC
added 2022/03/22 7:0 a.m.7 views

Exploring a New Class of Kernel Exploit Primitive

The security landscape is dynamic, changing often and as a result, attack surfaces evolve. MSRC receives a wide variety of cases spanning different products, bug types and exploit primitives. One particularly interesting primitive we see is an arbitrary kernel pointer read. These often happen whe...

1.4AI score
Exploits0
MSRC
MSRC
added 2022/02/28 8:0 a.m.7 views

Cyber threat activity in Ukraine: analysis and resources

UPDATE 27 Apr 2022: See Updated malware details and Microsoft security product detections below as discussed in the Special Report: Ukraine. UPDATE 02 MAR 2022: See Updated malware details and Microsoft security product detections below for additional insights and protections specific to the...

6.9AI score
Exploits0
MSRC
MSRC
added 2022/02/01 8:0 a.m.7 views

Expanding the Microsoft Researcher Recognition Program

The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are expanding the program to recognize more...

7AI score
Exploits0
MSRC
MSRC
added 2021/12/14 8:0 a.m.7 views

Researcher Spotlight: Dr. Nestori Syynimaa’s Constant Mission Protecting Identities

"When you find the things I find, they really matter. They affect everybody’s security.” Currently streaming : The Expanse and Lost in Space on Netflix Currently listening to : Amorphis, Architects, and Killswitch Engage Currently running : 130 kilometers or 80 miles a month Currently playing :...

2.1AI score
Exploits0
MSRC
MSRC
added 2021/11/11 8:0 a.m.7 views

BlueHat is Back!

After a short hiatus, BlueHat is coming back with a vengeance! And we’ve got big plans for the entire researcher community. But first, I must apologize. It’s been a while since you have heard from us. We didn’t have BlueHat 2020 or 2021, and we know that was disappointing. It was partly due to th...

3AI score
Exploits0
MSRC
MSRC
added 2021/11/11 8:0 a.m.7 views

BlueHat is Back!

After a short hiatus, BlueHat is coming back with a vengeance! And we’ve got big plans for the entire researcher community. But first, I must apologize. It’s been a while since you have heard from us. We didn’t have BlueHat 2020 or 2021, and we know that was disappointing. It was partly due to th...

6.9AI score
Exploits0
MSRC
MSRC
added 2021/08/04 7:0 a.m.7 views

Congratulations to the MSRC 2021 Most Valuable Security Researchers!

The MSRC Researcher Recognition Program offers public thanks and acknowledgement to the researchers who help protect customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s Most Valuable Security...

7.1AI score
Exploits0
MSRC
MSRC
added 2021/04/29 7:0 a.m.7 views

“BadAlloc” – Memory allocation vulnerabilities could affect wide range of IoT and OT devices in industrial, medical, and enterprise networks

Microsoft’s Section 52, the Azure Defender for IoT security research group, recently uncovered a series of critical memory allocation vulnerabilities in IoT and OT devices that adversaries could exploit to bypass security controls in order to execute malicious code or cause a system crash. These...

8.3AI score
Exploits0
MSRC
MSRC
added 2021/04/15 7:0 a.m.7 views

Congratulating Our Top MSRC 2021 Q1 Security Researchers!

We’re excited to announce the top contributing researchers for the 2021 First Quarter Q1! Congratulations to all the researchers recognized in this quarter’s leaderboard and thank you to everyone who continues to help secure our customers and the...

7AI score
Exploits0
MSRC
MSRC
added 2021/03/15 7:0 a.m.7 views

One-Click Microsoft Exchange On-Premises Mitigation Tool - March 2021

We have been actively working with customers through our customer support teams, third-party hosters, and partner network to help them secure their environments and respond to associated threats from the recent Exchange Server on-premises attacks. Based on these engagements we realized that there...

1.5AI score
Exploits0
MSRC
MSRC
added 2021/03/15 7:0 a.m.7 views

One-Click Microsoft Exchange On-Premises Mitigation Tool - March 2021

We have been actively working with customers through our customer support teams, third-party hosters, and partner network to help them secure their environments and respond to associated threats from the recent Exchange Server on-premises attacks. Based on these engagements we realized that there...

7AI score
Exploits0
MSRC
MSRC
added 2021/02/01 8:0 a.m.7 views

サイバーセキュリティ月間 2021

今年もサイバーセキュリティ月間 2 月 1 日~ 3 月 18 日 が始まりました。サイバーセキュリティ月間とは、内閣...

0.3AI score
Exploits0
MSRC
MSRC
added 2021/02/01 8:0 a.m.7 views

New and Improved Report Abuse Portal and API!

The Report Abuse CERT Portal and Report Abuse API have played a significant role in MSRC’s response to suspected cyberattacks, privacy issues, and abuse originating from Microsoft Online Services. With the contributions from our wonderful community of reporters, we continue to gain insightful...

7AI score
Exploits0
MSRC
MSRC
added 2021/01/14 8:0 a.m.7 views

Top MSRC 2020 Q4 Security Researchers – Congratulations!

We’re excited to announce the top contributing researchers for the 2020 Fourth Quarter Q4! Congratulations to all of the researchers who made this quarter’s leaderboard and a huge thank you to everyone who continues to help secure our customers and the ecosystem. The top three researchers of the...

2AI score
Exploits0
MSRC
MSRC
added 2020/12/08 8:0 a.m.7 views

Security Update Guide: Let's keep the conversation going

Hi Folks, We want to continue to highlight changes we’ve made to our Security Update Guide. We have received a lot of feedback, much of which has been very positive. We acknowledge there have been some stability problems and we are actively working through reports of older browsers not being able...

7.1AI score
Exploits0
MSRC
MSRC
added 2020/11/09 8:0 a.m.7 views

Vulnerability Descriptions in the New Version of the Security Update Guide

With the launch of the new version of the Security Update Guide, Microsoft is demonstrating its commitment to industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System CVSS. This is a precise method that describes the vulnerability with attributes such as t...

6.9AI score
Exploits0
MSRC
MSRC
added 2020/10/15 7:0 a.m.7 views

Announcing the Top MSRC 2020 Q3 Security Researchers

Following the MSRC’s 2020 Most Valuable Security Researchers announced during this year’s Black Hat, we’re excited to announce the top contributing researchers for the 2020 Third Quarter Q3! The top three researchers of the 2020 Q3...

7AI score
Exploits0
MSRC
MSRC
added 2020/08/11 7:0 a.m.7 views

2020 年 8 月のセキュリティ更新プログラム (月例)

2020 年 8 月 12 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/07/15 7:0 a.m.7 views

Top MSRC 2020 Q2 Security Researchers Announced – Congratulations!

We are excited to announce the top contributing researchers for the 2020 Second Quarter Q2! Congratulations to all the researchers who continue to rock the leaderboard, and a big thank you to everyone for your contribution to securing our customers and the ecosystem. The top three researchers of...

3.4AI score
Exploits0
MSRC
MSRC
added 2020/06/18 7:0 a.m.7 views

IE の累積的な更新プログラムも確実に適用を!

企業内でご利用の端末に更新プログラムを適用される際、特に Windows Server 2012 R2 などのサーバー OS 環境で Internet Explorer IE の累積的...

1.7AI score
Exploits0
MSRC
MSRC
added 2020/06/17 7:0 a.m.7 views

セキュリティエンドポイント脅威レポート 2019 で脅威の動向と対策を知る

2020 年 6 月 16 日、マイクロソフトは、セキュリティエンドポイント脅威レポート 2019 Security Endpoint Threat Report を発表し、2019 年...

Exploits0
MSRC
MSRC
added 2020/06/01 7:0 a.m.7 views

Machine Learning Security Evasion Competition 2020 Invites Researchers to Defend and Attack

Machine learning ML is an increasingly valuable tool in cyber security as adversaries continually evolve their tactics and techniques to evade detection. As machine learning has advanced and sophisticated ML models have been developed to assist security professionals in protecting the cloud,...

7.1AI score
Exploits0
MSRC
MSRC
added 2020/05/05 7:0 a.m.7 views

Azure Sphere Security Research Challenge Now Open

The Azure Sphere Security Research Challenge is an expansion of Azure Security Lab, announced at Black Hat in August 2019. At that time, a select group of talented researchers was invited to come and do their worst, emulating criminal hackers in a customer-safe cloud environment. This new researc...

6.9AI score
Exploits0
MSRC
MSRC
added 2020/04/23 7:0 a.m.7 views

Congratulating Our Top 2020 Q1 Security Researchers!

Following the second Security Researcher Quarterly Leaderboard and the 2020 MSRC Most Valuable Security Researchers criteria we published in February 2020, we are excited to announce the 2020 First Quarter Q1 Security Researcher Leaderboard, listing our top contributing researchers for the last...

7AI score
Exploits0
MSRC
MSRC
added 2020/03/10 7:0 a.m.7 views

2020 年 3 月のセキュリティ更新プログラム (月例)

2020 年 3 月 11 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/02/24 8:0 a.m.7 views

Calling for security research in Azure Sphere, now generally available

Today, Microsoft released Azure Sphere into General Availability GA. Azure Sphere’s mission is to empower every organization on the planet to connect and create secured and trustworthy IoT devices. Azure Sphere is an end-to-end solution for securely connecting existing equipment and for creating...

0.5AI score
Exploits0
MSRC
MSRC
added 2020/02/03 8:0 a.m.7 views

Recognizing Security Researchers in 2020

Is it too early to talk about the 2020 MSRC Most Valuable Security Researchers? Five months from now, at the end of June, the program period closes for researchers to be considered for inclusion in the Most Valuable Researchers list. The top researcher list will be revealed at Black Hat North...

6.9AI score
Exploits0
MSRC
MSRC
added 2020/01/30 8:0 a.m.7 views

Announcing the Xbox Bounty program

We are pleased to announce the launch of the Xbox Bounty program today. The Xbox bounty program invites gamers, security researchers, and technologists around the world to help identify security vulnerabilities in the Xbox network and services, and share them with the Microsoft Xbox team through...

0.8AI score
Exploits0
MSRC
MSRC
added 2020/01/15 8:0 a.m.7 views

Announcing MSRC 2019 Q4 Security Researcher Leaderboard

Following the first Security Researcher Quarterly Leaderboard we published in October 2019, we are excited to announce the MSRC Q4 2019 Security Researcher Leaderboard, which shows the top contributing researchers for the last quarter. In each quarterly leaderboard, we recognize the security...

7AI score
Exploits0
MSRC
MSRC
added 2020/01/09 8:0 a.m.7 views

[IT管理者向け] 脆弱性の悪用のしやすさを知る~悪用可能性指標と緩和策

マイクロソフトでは毎月第二火曜日 米国時間 に定例のセキュリティ更新プログラムを公開し、修正した脆弱...

0.4AI score
Exploits0
MSRC
MSRC
added 2019/12/10 8:0 a.m.7 views

December 2019 security updates are available

We have released the December security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder,...

3.8AI score
Exploits0
MSRC
MSRC
added 2019/11/26 8:0 a.m.7 views

[あらためて確認を] RDP の脆弱性に対するセキュリティ更新プログラムの適用を推奨

2019 年、マイクロソフトはリモートデスクトッププロトコル Remote Desktop Protocol: RDP、 Terminal Services における複数の脆弱性を修正し...

1.7AI score
Exploits0
MSRC
MSRC
added 2019/10/25 7:0 a.m.7 views

Time for day 2 of briefings at BlueHat Seattle!

We hope you enjoyed the first day of our BlueHat briefings and the Bytes of BlueHat reception in our glamping tent complete with toasted marshmallows. Yesterday, we learned a lot about how XboxOne hardware security has advanced the state of hardware security elsewhere, we heard some surprising...

6.9AI score
Exploits0
MSRC
MSRC
added 2019/10/24 7:0 a.m.7 views

Welcome to the second stage of BlueHat!

We’ve finished two incredible days of security trainings at the Living Computer Museum in Seattle. Now it’s time for the second part of BlueHat: the briefings at ShowBox SoDo. We’ve got a big day planned, so head on down. Please join us for breakfast we have doughnuts! and bacon! and cereal!...

7AI score
Exploits0
MSRC
MSRC
added 2019/10/23 7:0 a.m.7 views

Microsoft Identity Bounty Improvements

Microsoft is continually improving our existing bounty programs. Today we’re happy to share the latest updates to the Microsoft Identity Bounty. Originally launched in July 2018, the Microsoft Identity bounty program has helped build a partnership with the security research community to improve t...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/10/08 7:0 a.m.7 views

October 2019 security updates are available!

We have released the October security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder,...

3.6AI score
Exploits0
MSRC
MSRC
added 2019/09/16 7:0 a.m.7 views

Calling all breakers & builders: BlueHat Seattle registration is open!

Exciting changes are coming to BlueHat Seattle 2019! If you’d like to attend this premier security conference, we have good news for you: registration for BlueHat Seattle is now open and we hope you register. Wait, isn't BlueHat invitation-only? It is…but if we haven’t sent you an invitation, we...

7.3AI score
Exploits0
MSRC
MSRC
added 2019/09/10 7:0 a.m.7 views

September 2019 Security Updates

We have released the September security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder,...

6.7AI score
Exploits0
MSRC
MSRC
added 2019/08/13 7:0 a.m.7 views

August 2019 Security Updates

We have released the August security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windo...

6.7AI score
Exploits0
MSRC
MSRC
added 2019/08/08 7:0 a.m.7 views

Microsoft Announces Top Three Contributing Partners in the Microsoft Active Protections Program (MAPP)

Today Microsoft announced the MAPP program Top Vulnerability Contributors, Top Threat Indicator Submitters, and Top Zero-Day Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through cooperation and...

3.4AI score
Exploits0
MSRC
MSRC
added 2019/08/07 7:0 a.m.7 views

Announcing 2019 MSRC Most Valuable Security Researchers

Earlier today we announced MSRC’s 2018-2019 Most Valuable Security Researchers at Black Hat. The following 75 researchers hail from all corners of the world and possess varied experience and skills, yet all of them have contributed to securing the Microsoft’s customers and the broader ecosystem...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/07/09 7:0 a.m.7 views

July 2019 Security Update Release

We have released the July security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide...

3AI score
Exploits0
MSRC
MSRC
added 2019/03/15 7:0 a.m.7 views

Join Microsoft Security Response at the Product Security Operations forum at LocoMocoSec!

The MSRC is more than managing vulnerability reports, publishing Microsoft security updates, and defending the cloud. The MSRC is passionate about helping everyone improve internal engineering practices and supporting the defender community, and are excited to partner with Blackberry to host a...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/03/12 7:0 a.m.7 views

March 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

6.7AI score
Exploits0
MSRC
MSRC
added 2019/03/12 7:0 a.m.7 views

Practical advice for earning higher Microsoft bounty awards

This year at the Nullcon International Security Conference I shared practical advice for how security researchers can maximize the impact of their security vulnerability submissions and earn higher bounty awards under the Microsoft Bounty Program. For those who couldn’t be there, I had two core...

2.3AI score
Exploits0
MSRC
MSRC
added 2019/03/12 7:0 a.m.7 views

Practical advice for earning higher Microsoft bounty awards

This year at the Nullcon International Security Conference I shared practical advice for how security researchers can maximize the impact of their security vulnerability submissions and earn higher bounty awards under the Microsoft Bounty Program. For those who couldn’t be there, I had two core...

7AI score
Exploits0
Total number of security vulnerabilities1366