New and Improved Report Abuse Portal and API!

The Report Abuse CERT Portal and Report Abuse API have played a significant role in MSRC’s response to suspected cyberattacks, privacy issues, and abuse originating from Microsoft Online Services. With the contributions from our wonderful community of reporters, we continue to gain insightful...

New and Improved Report Abuse Portal and API!

The Report Abuse CERT Portal and Report Abuse API have played a significant role in MSRC’s response to suspected cyberattacks, privacy issues, and abuse originating from Microsoft Online Services. With the contributions from our wonderful community of reporters, we continue to gain insightful...

Netlogon Domain Controller Enforcement Mode is enabled by default beginning with the February 9, 2021 Security Update, related to CVE-2020-1472

Microsoft addressed a Critical RCE vulnerability affecting the Netlogon protocol CVE-2020-1472 on August 11, 2020. We are reminding our customers that beginning with the February 9, 2021 Security Update release we will be enabling Domain Controller enforcement mode by default. This will block...

Top MSRC 2020 Q4 Security Researchers – Congratulations!

We’re excited to announce the top contributing researchers for the 2020 Fourth Quarter Q4! Congratulations to all of the researchers who made this quarter’s leaderboard and a huge thank you to everyone who continues to help secure our customers and the ecosystem. The top three researchers of the...

Netlogon Domain Controller Enforcement Mode is enabled by default beginning with the February 9, 2021 Security Update, related to CVE-2020-1472

Microsoft addressed a Critical RCE vulnerability affecting the Netlogon protocol CVE-2020-1472 on August 11, 2020. We are reminding our customers that beginning with the February 9, 2021 Security Update release we will be enabling Domain Controller enforcement mode by default. This will block...

Top MSRC 2020 Q4 Security Researchers – Congratulations!

We’re excited to announce the top contributing researchers for the 2020 Fourth Quarter Q4! Congratulations to all of the researchers who made this quarter’s leaderboard and a huge thank you to everyone who continues to help secure our customers and the ecosystem. The top three researchers of the...

Top MSRC 2020 Q4 Security Researchers – Congratulations!

We’re excited to announce the top contributing researchers for the 2020 Fourth Quarter Q4! Congratulations to all of the researchers who made this quarter’s leaderboard and a huge thank you to everyone who continues to help secure our customers and the ecosystem. The top three researchers of the...

Netlogon Domain Controller Enforcement Mode is enabled by default beginning with the February 9, 2021 Security Update, related to CVE-2020-1472

Microsoft addressed a Critical RCE vulnerability affecting the Netlogon protocol CVE-2020-1472 on August 11, 2020. We are reminding our customers that beginning with the February 9, 2021 Security Update release we will be enabling Domain Controller enforcement mode by default. This will block...

Security Update Guide Supports CVEs Assigned by Industry Partners

Hi Folks, This month we are introducing a new data element for each CVE in the Security Update Guide, called Assigning CNA. First let me back up a bit and give some information about the CVE program. The purpose of a CVE is to uniquely identify a cybersecurity vulnerability. The CVE program was...

Security Update Guide Supports CVEs Assigned by Industry Partners

Hi Folks, This month we are introducing a new data element for each CVE in the Security Update Guide, called Assigning CNA. First let me back up a bit and give some information about the CVE program. The purpose of a CVE is to uniquely identify a cybersecurity vulnerability. The CVE program was...

Security Update Guide Supports CVEs Assigned by Industry Partners

Hi Folks, This month we are introducing a new data element for each CVE in the Security Update Guide, called Assigning CNA. First let me back up a bit and give some information about the CVE program. The purpose of a CVE is to uniquely identify a cybersecurity vulnerability. The CVE program was...

2021 年 1 月のセキュリティ更新プログラム (月例)

2021 年 1 月 13 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

Building Faster AMD64 Memset Routines

Over the past several years, Microsoft has rolled out several changes that result in more memory being zeroed. These mitigations include: The InitAll mitigation which zeros most stack variables Switching most Microsoft kernel code over to the ExAllocatePool2/ExAllocatePool3 API’s which zero memor...

Building Faster AMD64 Memset Routines

Over the past several years, Microsoft has rolled out several changes that result in more memory being zeroed. These mitigations include: The InitAll mitigation which zeros most stack variables Switching most Microsoft kernel code over to the ExAllocatePool2/ExAllocatePool3 API’s which zero memor...

Building Faster AMD64 Memset Routines

Over the past several years, Microsoft has rolled out several changes that result in more memory being zeroed. These mitigations include: The InitAll mitigation which zeros most stack variables Switching most Microsoft kernel code over to the ExAllocatePool2/ExAllocatePool3 API’s which zero memor...

Microsoft Internal Solorigate Investigation Update

As we said in our recent blog, we believe the Solorigate incident is an opportunity to work together in important ways, to share information, strengthen defenses and respond to attacks. Like other SolarWinds customers, we have been actively looking for indicators of the Solorigate actor and want ...

Microsoft Internal Solorigate Investigation Update

As we said in our recent blog, we believe the Solorigate incident is an opportunity to work together in important ways, to share information, strengthen defenses and respond to attacks. Like other SolarWinds customers, we have been actively looking for indicators of the Solorigate actor and want ...

Microsoft Internal Solorigate Investigation Update

As we said in our recent blog, we believe the Solorigate incident is an opportunity to work together in important ways, to share information, strengthen defenses and respond to attacks. Like other SolarWinds customers, we have been actively looking for indicators of the Solorigate actor and want ...

休暇中に被害に遭わないために ～お休み前のセキュリティ チェック～

日本では年末年始は多くの方が休暇になり、企業組織の業務はおやすみになります。しかしながら、サイバー犯...

Solorigate Resource Center – updated February 5, 2021

Alongside our industry partners and the security community, Microsoft continues to investigate the extent of the recent nation-state attack on SolarWinds. Our goal is to provide the latest threat intelligence, Indicators of Compromise IOCs, and guidance across our products and solutions to help t...

Nobelium Resource Center - updated March 4, 2021

UPDATE: Microsoft continues to work with partners and customers to expand our knowledge of the threat actor behind the nation-state cyberattacks that compromised the supply chain of SolarWinds and impacted multiple other organizations. Microsoft previously used ‘Solorigate’ as the primary...

Nobelium Resource Center - updated March 4, 2021

UPDATE: Microsoft continues to work with partners and customers to expand our knowledge of the threat actor behind the nation-state cyberattacks that compromised the supply chain of SolarWinds and impacted multiple other organizations. Microsoft previously used ‘Solorigate’ as the primary...

[IT 管理者向け] CVSS を読み解いて脆弱性をより正しく理解する

新しいバージョンのセキュリティ更新プログラムについては下記の関連ブログもご覧ください。 「新しいセキュ...

Customer Guidance on Recent Nation-State Cyber Attacks

Note: we are updating as the investigation continues. Revision history listed at the bottom. This post contains technical details about the methods of the actor we believe was involved in Recent Nation-State Cyber Attacks, with the goal to enable the broader security community to hunt for activit...

Customer Guidance on Recent Nation-State Cyber Attacks

Note: we are updating as the investigation continues. Revision history listed at the bottom. This post contains technical details about the methods of the actor we believe was involved in Recent Nation-State Cyber Attacks, with the goal to enable the broader security community to hunt for activit...

Customer Guidance on Recent Nation-State Cyber Attacks

Note: we are updating as the investigation continues. Revision history listed at the bottom. This post contains technical details about the methods of the actor we believe was involved in Recent Nation-State Cyber Attacks, with the goal to enable the broader security community to hunt for activit...

Security Update Guide: Let’s keep the conversation going

Hi Folks, We want to continue to highlight changes we’ve made to our Security Update Guide. We have received a lot of feedback, much of which has been very positive. We acknowledge there have been some stability problems and we are actively working through reports of older browsers not being able...

Security Update Guide: Let's keep the conversation going

Hi Folks, We want to continue to highlight changes we’ve made to our Security Update Guide. We have received a lot of feedback, much of which has been very positive. We acknowledge there have been some stability problems and we are actively working through reports of older browsers not being able...

2020 年 12 月のセキュリティ更新プログラム (月例)

2020 年 12 月 9 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

Security Update Guide: Let's keep the conversation going

Hi Folks, We want to continue to highlight changes we’ve made to our Security Update Guide. We have received a lot of feedback, much of which has been very positive. We acknowledge there have been some stability problems and we are actively working through reports of older browsers not being able...

新しいセキュリティ更新プログラム ガイド (Security Update Guide) を使ってみよう

新しいバージョンのセキュリティ更新プログラムについては下記の関連ブログもご覧ください。 「新しいセキュ...

Kerberos KDC の脆弱性 (CVE-2020-17049) に対応するためのガイダンス

マイクロソフトは、2020 年 11 月 10 日 米国時間 に、Kerberos KDC Key Distribution Center に対する脆弱性情報 CVE-2020-17049 を公...

2020 年 11 月のセキュリティ更新プログラム (月例)

2020 年 11 月 11 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

セキュリティ更新プログラム リリース スケジュール (2021 年)

2021 年のセキュリティ更新プログラムの公開予定日は下記のとおりです。更新プログラムの評価、テスト、適用の...

Vulnerability Descriptions in the New Version of the Security Update Guide

With the launch of the new version of the Security Update Guide, Microsoft is demonstrating its commitment to industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System CVSS. This is a precise method that describes the vulnerability with attributes such as t...

新しいセキュリティ更新プログラム ガイドでの脆弱性情報の詳細

新しいバージョンのセキュリティ更新プログラムについては下記の関連ブログもご覧ください。 「新しいセキュ...

Vulnerability Descriptions in the New Version of the Security Update Guide

With the launch of the new version of the Security Update Guide, Microsoft is demonstrating its commitment to industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System CVSS. This is a precise method that describes the vulnerability with attributes such as t...

Vulnerability Descriptions in the New Version of the Security Update Guide

With the launch of the new version of the Security Update Guide, Microsoft is demonstrating its commitment to industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System CVSS. This is a precise method that describes the vulnerability with attributes such as t...

Attacks exploiting Netlogon vulnerability (CVE-2020-1472)

Microsoft has received a small number of reports from customers and others about continued activity exploiting a vulnerability affecting the Netlogon protocol CVE-2020-1472 which was previously addressed in security updates starting on August 11, 2020. If the original guidance is not applied, the...

Attacks exploiting Netlogon vulnerability (CVE-2020-1472)

Microsoft has received a small number of reports from customers and others about continued activity exploiting a vulnerability affecting the Netlogon protocol CVE-2020-1472 which was previously addressed in security updates starting on August 11, 2020. If the original guidance is not applied, the...

Attacks exploiting Netlogon vulnerability (CVE-2020-1472)

Microsoft has received a small number of reports from customers and others about continued activity exploiting a vulnerability affecting the Netlogon protocol CVE-2020-1472 which was previously addressed in security updates starting on August 11, 2020. If the original guidance is not applied, the...

[IT 管理者向け] DNS レコードを管理してサブドメイン テイクオーバーを防ぐ

みなさんは、「サブドメイン テイクオーバー」というセキュリティの問題をご存じですか? サブドメイン テイク...

Microsoft Digital Defense Report でサイバーセキュリティの動向を知る

2020 年 9 月マイクロソフトは、昨年のサイバーセキュリティの動向を網羅した「Microsoft Digital Defense Repo...

Announcing the Top MSRC 2020 Q3 Security Researchers

Following the MSRC’s 2020 Most Valuable Security Researchers announced during this year’s Black Hat, we’re excited to announce the top contributing researchers for the 2020 Third Quarter Q3! The top three researchers of the 2020 Q3 Security Researcher Leaderboard are: David Dworken 1800 points,...

Announcing the Top MSRC 2020 Q3 Security Researchers

Following the MSRC’s 2020 Most Valuable Security Researchers announced during this year’s Black Hat, we’re excited to announce the top contributing researchers for the 2020 Third Quarter Q3! The top three researchers of the 2020 Q3...

Announcing the Top MSRC 2020 Q3 Security Researchers

Following the MSRC’s 2020 Most Valuable Security Researchers announced during this year’s Black Hat, we’re excited to announce the top contributing researchers for the 2020 Third Quarter Q3! The top three researchers of the 2020 Q3...

Security Analysis of CHERI ISA

Is it possible to get to a state where memory safety issues would be deterministically mitigated? Our quest to mitigate memory corruption vulnerabilities led us to examine CHERI Capability Hardware Enhanced RISC Instructions, which provides memory protection features against many exploited...

Security Analysis of CHERI ISA

Is it possible to get to a state where memory safety issues would be deterministically mitigated? Our quest to mitigate memory corruption vulnerabilities led us to examine CHERI Capability Hardware Enhanced RISC Instructions, which provides memory protection features against many exploited...

Security Analysis of CHERI ISA

Is it possible to get to a state where memory safety issues would be deterministically mitigated? Our quest to mitigate memory corruption vulnerabilities led us to examine CHERI Capability Hardware Enhanced RISC Instructions, which provides memory protection features against many exploited...

2020 年 10 月のセキュリティ更新プログラム (月例)

2020 年 10 月 14 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...