Lucene search
K
MsrcMost viewed

1366 matches found

MSRC
MSRC
added 2018/06/12 7:0 a.m.6 views

June 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...

6.7AI score
Exploits0
MSRC
MSRC
added 2018/05/08 7:0 a.m.6 views

May 2018 security update release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...

3AI score
Exploits0
MSRC
MSRC
added 2018/04/10 7:0 a.m.6 views

April 2018 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

6.8AI score
Exploits0
MSRC
MSRC
added 2018/02/02 8:0 a.m.6 views

Inside the MSRC – How we recognize our researchers

This is the first of a series of blog entries to give some insight into the Microsoft Security Response Center MSRC business and how we work with security researchers and vulnerability reports. The Microsoft Security Response Center actively recognizes those security researchers who help us to...

6.8AI score
Exploits0
MSRC
MSRC
added 2017/12/12 8:0 a.m.6 views

December 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

7AI score
Exploits0
MSRC
MSRC
added 2017/11/14 8:0 a.m.6 views

November 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

2.4AI score
Exploits0
MSRC
MSRC
added 2017/09/15 7:0 a.m.6 views

Extending the Microsoft Office Bounty Program

Microsoft announces the extension of the Microsoft Office Bounty Program through December 31, 2017. This extension is retroactive for any cases submitted during the interim. The engagement we have had with the security community has been great and we are looking to continue that collaboration on...

6.9AI score
Exploits0
MSRC
MSRC
added 2017/07/11 7:0 a.m.6 views

July 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

2.6AI score
Exploits0
MSRC
MSRC
added 2017/06/28 7:0 a.m.6 views

Update on Petya malware attacks

As happened recently with WannaCrypt, we again face a malicious attack in the form of ransomware, Petya. In early reports, there was a lot of conflicting information reported on the attacks, including conflation of unrelated and misleading pieces of data, so Microsoft teams mobilized to investiga...

1.7AI score
Exploits0
MSRC
MSRC
added 2017/06/13 7:0 a.m.6 views

2017 年 6 月のセキュリティ更新プログラム (月例)

2017 年 6 月 14 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2017/05/25 7:0 a.m.6 views

テクニカル サポート詐欺との戦い

本記事は、Microsoft Digital Crimes Unit の Courtney Gregoire による投稿 "The fight against tech support scams" 2017 年 5 月 18 日 米国時間公開 を翻訳したも...

0.4AI score
Exploits0
MSRC
MSRC
added 2017/01/10 12:0 a.m.6 views

2017 年 1 月のセキュリティ情報 (月例) - MS17-001 ~ MS17-004

2017 年 1 月 11 日 日本時間、マイクロソフトは計 4 件 緊急 1 件、重要 3 件 の新規セキュリティ情報を公開し...

0.3AI score
Exploits0
MSRC
MSRC
added 2016/12/13 8:0 a.m.6 views

December 2016 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security...

6.7AI score
Exploits0
MSRC
MSRC
added 2016/03/17 7:0 a.m.6 views

Microsoft Bounty Programs Announce Expansion - Bounty for Microsoft OneDrive

At Microsoft, we continue to add new properties to our security bug bounty programs to help keep our customer’s secure. Today, I’m pleased to announce the addition of Microsoft OneDrive to the Microsoft Online Services Bug Bounty Program. This addition further incentivizes security researchers to...

7AI score
Exploits0
MSRC
MSRC
added 2015/08/18 7:0 a.m.6 views

Security Update Solution Further Protects Customer Devices

On Tuesday, August 18, 2015, Microsoft released a security update solution to address a vulnerability. The update is for all supported versions of Internet Explorer. We recommend customers to apply this update as soon as possible by following the directions on the TechNet.com/Security website, in...

6.6AI score
Exploits0
MSRC
MSRC
added 2014/11/18 8:0 a.m.6 views

Out-of-band release for Security Bulletin MS14-068

On Tuesday, November 18, 2014, at approximately 10 a.m. PST, we will release an out-of-band security update to address a vulnerability in Windows. We strongly encourage customers to apply this update as soon as possible, following the directions in the security bulletin. More information about th...

6.7AI score
Exploits0
MSRC
MSRC
added 2014/08/27 7:0 a.m.6 views

Security Bulletin MS14-045 rereleased

Every month for many years, we’ve released a number of updates focused on the continuous improvement of customers’ experiences with our technology. Historically, these updates happened at different times during the month, with the security-specific ones occurring on the second Tuesday of each...

7AI score
Exploits0
MSRC
MSRC
added 2014/04/08 7:0 a.m.6 views

MS14-019 – Fixing a binary hijacking via .cmd or .bat file

Command .cmd and batch .bat files can be directly provided as input to the CreateProcess as if it is an executable. CreateProcess uses the cmd.exe automatically to run the input .cmd or .bat. Today, with the bulletin MS14-019 we are fixing a vulnerability, where in particular scenario it is...

7AI score
Exploits0
MSRC
MSRC
added 2014/03/24 7:0 a.m.6 views

Security Advisory 2953095: recommendation to stay protected and for detections

Today, Microsoft released Security Advisory 2953095 to notify customers of a vulnerability in Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. This blog will discuss mitigations and temporary defensive strategies that will help customers to...

6.8AI score
Exploits0
MSRC
MSRC
added 2014/02/11 8:0 a.m.6 views

Safer Internet Day 2014 and Our February 2014 Security Updates

In addition to today being the security update release, February 11 is officially Safer Internet Day for 2014. This year, we’re asking folks to Do 1 Thing to stay safer online. While you may expect my “Do 1 Thing” recommendation would be to apply security updates, I’m guessing that for readers of...

6.9AI score
Exploits0
MSRC
MSRC
added 2013/11/06 8:0 a.m.6 views

Software defense: safe unlinking and reference count hardening

Object lifetime management vulnerabilities represent a very common class of memory safety vulnerability. These vulnerabilities come in many shapes and sizes, and are typically quite difficult to mitigate generically. Vulnerabilities of this type result commonly from incorrect accounting with...

7.2AI score
Exploits0
MSRC
MSRC
added 2013/09/17 7:0 a.m.6 views

Microsoft Releases Security Advisory 2887505

Today we released Security Advisory 2887505 regarding an issue that affects Internet Explorer. There are only reports of a limited number of targeted attacks specifically directed at Internet Explorer 8 and 9, although the issue could potentially affect all supported versions. This issue could...

7.8AI score
Exploits0
MSRC
MSRC
added 2013/07/31 7:0 a.m.6 views

Try something new – Beat the BlueHat Challenge!

August 2014 Update: The BlueHat Challenge is on hold. We will make an announcement on this blog when we re-start the BlueHat Challenge. Thanks for your interest! --- We were inspired by the Matasano Crypto Challenges. So we built a similar series of fun challenges to exercise reverse engineering,...

7AI score
Exploits0
MSRC
MSRC
added 2013/05/17 7:0 a.m.6 views

May 2013 Security Bulletin Webcast, Q&A, and Slide Deck

For those who couldn’t attend the live webcast, today we’re publishing the May 2013 Security Bulletin Webcast Questions & Answers page. We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Internet Explorer MS13-037 and MS13-038 and...

7AI score
Exploits0
MSRC
MSRC
added 2026/04/13 12:0 a.m.5 views

Zero Day Quest 2026: $2.3 million awarded for vulnerability research

Protecting customers is at the core of Zero Day Quest. During the 2026 live hacking event, Microsoft partnered with the global security research community, representing more than 20 countries and a wide range of professional backgrounds, from high school students to college professors. Together,...

5.8AI score
Exploits0
MSRC
MSRC
added 2025/10/31 12:0 a.m.5 views

You asked, we delivered: Introducing new features for an improved security experience

At the Microsoft Security Response Center MSRC, your feedback drives our innovation. Every enhancement we deliver starts with listening to the security community and our customers. Based on your input, we’ve introduced three new features designed to make your experience more efficient, transparen...

6.9AI score
Exploits0
MSRC
MSRC
added 2023/08/07 7:0 a.m.5 views

Microsoft Bug Bounty Program Year in Review: $13.8M in Rewards

We are thrilled to share the results of our collaboration with over 345 security researchers from +45 countries around the world in the past 12 months. Together, we have discovered and fixed more than a thousand potential security issues before they impacted our customers. In recognition of this...

7.5AI score
Exploits0
MSRC
MSRC
added 2022/07/19 7:0 a.m.5 views

Congratulations to the Top MSRC 2022 Q2 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2022 Q2 Security Researcher Leaderboard are: Yuki Chen...

6.8AI score
Exploits0
MSRC
MSRC
added 2021/07/15 7:0 a.m.5 views

Announcing the Top MSRC 2021 Q2 Security Researchers - Congratulations!

We’re excited to announce the top contributing researchers for the 2021 Second Quarter Q2! Congratulations to all the researchers recognized in this quarter’s leaderboard and thank you to everyone who continues to help secure our customers and the...

2.2AI score
Exploits0
MSRC
MSRC
added 2021/07/08 7:0 a.m.5 views

Microsoft Bug Bounty Programs Year in Review: $13.6M in Rewards

Partnering with the security research community is an important part of Microsoft’s holistic approach to defending against security threats. Bug bounty programs are one part of this partnership. By discovering and reporting vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure...

7AI score
Exploits0
MSRC
MSRC
added 2021/04/15 7:0 a.m.5 views

Congratulating Our Top MSRC 2021 Q1 Security Researchers!

We’re excited to announce the top contributing researchers for the 2021 First Quarter Q1! Congratulations to all the researchers recognized in this quarter’s leaderboard and thank you to everyone who continues to help secure our customers and the...

2.1AI score
Exploits0
MSRC
MSRC
added 2020/12/23 8:0 a.m.5 views

休暇中に被害に遭わないために ~お休み前のセキュリティ チェック~

日本では年末年始は多くの方が休暇になり、企業組織の業務はおやすみになります。しかしながら、サイバー犯...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/05/13 7:0 a.m.5 views

Solving Uninitialized Stack Memory on Windows

This blog post outlines the work that Microsoft is doing to eliminate uninitialized stack memory vulnerabilities from Windows and why we’re on this path. This blog post will be broken down into a few parts that folks can jump to: Uninitialized Memory Background Potential Solutions to Uninitialize...

7AI score
Exploits0
MSRC
MSRC
added 2020/01/14 8:0 a.m.5 views

2020 年 1 月のセキュリティ更新プログラム (月例)

2020 年 1 月 15 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/10/23 7:0 a.m.5 views

Microsoft Identity Bounty Improvements

Microsoft is continually improving our existing bounty programs. Today we’re happy to share the latest updates to the Microsoft Identity Bounty. Originally launched in July 2018, the Microsoft Identity bounty program has helped build a partnership with the security research community to improve t...

0.7AI score
Exploits0
MSRC
MSRC
added 2019/06/11 7:0 a.m.5 views

June 2019 security update release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

6.7AI score
Exploits0
MSRC
MSRC
added 2019/01/08 8:0 a.m.5 views

January 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

3.1AI score
Exploits0
MSRC
MSRC
added 2018/12/19 8:0 a.m.5 views

December 2018 Security Update Release

Today, we released a security update for Internet Explorer after receiving a report from Google about a new vulnerability being used in targeted attacks. Customers who have Windows Update enabled and have applied the latest security updates, are protected automatically. We encourage customers to...

2.4AI score
Exploits0
MSRC
MSRC
added 2018/10/09 7:0 a.m.5 views

October 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...

6.7AI score
Exploits0
MSRC
MSRC
added 2018/08/02 7:0 a.m.5 views

Announcing the BlueHat v18 Schedule

Where did the summer go? This year the BlueHat Security Conference moved forward in the schedule to late September. Next year it will settle into a steady orbit of early October moving forward. With that change in schedule, it is hard to believe that it is time to reveal the schedule for BlueHat...

6.9AI score
Exploits0
MSRC
MSRC
added 2018/07/26 7:0 a.m.5 views

Recognizing Q4 Top 5 Bounty Hunters

We have tabulated the results from April-June 2018. The Top 5 Bounty Hunters for Q4 are now in. As with our list from Q3, we want to recognize both the leaders in payouts and in number of successful submissions. We appreciate the hard work and dedication of the following individuals and companies...

6.9AI score
Exploits0
MSRC
MSRC
added 2018/06/12 7:0 a.m.5 views

Draft of Microsoft Security Servicing Commitments for Windows

Updated September 10, 2018 The Servicing Criteria for Windows has transitioned to an official document and can be found at the link below. Microsoft thanks the members of the research community who provided feedback on the draft copy. Microsoft Security Servicing Criteria for Windows...

3.6AI score
Exploits0
MSRC
MSRC
added 2018/03/14 7:0 a.m.5 views

Speculative Execution Bounty Launch

Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat...

6.9AI score
Exploits0
MSRC
MSRC
added 2018/01/22 8:0 a.m.5 views

Windows システム上の Spectre および Meltdown に対する緩和策のパフォーマンスへの影響について

本記事は、Microsoft Secure ブログ “Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems”...

3.8AI score
Exploits0
MSRC
MSRC
added 2017/08/09 7:0 a.m.5 views

Moving Beyond EMET II – Windows Defender Exploit Guard

Since we last wrote about the future of EMET and how it relates to Windows 10 back in November 2016 see Moving Beyond EMET, we have received lots of invaluable feedback from EMET customers and enthusiasts regarding the upcoming EMET end of life. Based on that feedback, we are excited to share...

6.9AI score
Exploits0
MSRC
MSRC
added 2017/04/15 7:0 a.m.5 views

Protecting customers and evaluating risk

Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers. Understandingly, customers have expressed concerns around the risk this disclosure potentially creates. Our engineers have investigated the disclosed exploits, and most of the exploits are already...

2.7AI score
Exploits0
MSRC
MSRC
added 2017/03/14 7:0 a.m.5 views

2017 年 3 月のセキュリティ情報 (月例) - MS17-006 ~ MS17-023

2017 年 3 月 15 日 日本時間、マイクロソフトは計 18 件 緊急 9 件、重要 9 件 の新規セキュリティ情報を公開し...

0.3AI score
Exploits0
MSRC
MSRC
added 2017/01/17 8:0 a.m.5 views

シンプル化された Windows 7 および Windows 8.1 のサービス モデル: 最新の改善点について

本記事は、Windows for IT Pros のブログ "Simplified servicing for Windows 7 and Windows 8.1: the latest improvements" 2017 年 1 月 13 日 米国時間公開 を翻訳したもの...

2.7AI score
Exploits0
MSRC
MSRC
added 2016/11/08 8:0 a.m.5 views

Furthering our commitment to security updates

Microsoft is committed to delivering comprehensive security updates to our customers. Information about the security updates we release are currently made available on the Microsoft Security Bulletin website. However, our customers have asked for better access to update information, as well as...

6.8AI score
Exploits0
MSRC
MSRC
added 2016/08/04 7:0 a.m.5 views

Microsoft Bounty Programs Expansion – Microsoft Edge Remote Code Execution (RCE) Bounty

I’m very happy to announce another addition to the Microsoft Bounty Programs. Microsoft will be hosting a bounty for Remote Code Execution vulnerabilities in Microsoft Edge on Windows Insider Preview builds. This bounty continues our partnership with the security research community in working to...

7.5AI score
Exploits0
Total number of security vulnerabilities1366