Lucene search
+L

1371 matches found

MSRC
MSRC
added 2020/10/15 7:0 a.m.8 views

Announcing the Top MSRC 2020 Q3 Security Researchers

Following the MSRC’s 2020 Most Valuable Security Researchers announced during this year’s Black Hat, we’re excited to announce the top contributing researchers for the 2020 Third Quarter Q3! The top three researchers of the 2020 Q3...

7AI score
Exploits0
MSRC
MSRC
added 2020/10/15 7:0 a.m.11 views

Announcing the Top MSRC 2020 Q3 Security Researchers

Following the MSRC’s 2020 Most Valuable Security Researchers announced during this year’s Black Hat, we’re excited to announce the top contributing researchers for the 2020 Third Quarter Q3! The top three researchers of the 2020 Q3...

2.5AI score
Exploits0
MSRC
MSRC
added 2020/10/14 7:30 p.m.45 views

Security Analysis of CHERI ISA

Is it possible to get to a state where memory safety issues would be deterministically mitigated? Our quest to mitigate memory corruption vulnerabilities led us to examine CHERI Capability Hardware Enhanced RISC Instructions, which provides memory protection features against many exploited...

1.6AI score
Exploits0
MSRC
MSRC
added 2020/10/14 7:0 a.m.12 views

Security Analysis of CHERI ISA

Is it possible to get to a state where memory safety issues would be deterministically mitigated? Our quest to mitigate memory corruption vulnerabilities led us to examine CHERI Capability Hardware Enhanced RISC Instructions, which provides memory protection features against many exploited...

1.6AI score
Exploits0
MSRC
MSRC
added 2020/10/14 7:0 a.m.5 views

Security Analysis of CHERI ISA

Is it possible to get to a state where memory safety issues would be deterministically mitigated? Our quest to mitigate memory corruption vulnerabilities led us to examine CHERI Capability Hardware Enhanced RISC Instructions, which provides memory protection features against many exploited...

7.5AI score
Exploits0
MSRC
MSRC
added 2020/10/13 7:0 a.m.12 views

2020 年 10 月のセキュリティ更新プログラム (月例)

2020 年 10 月 14 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/10/06 3:59 p.m.28 views

Concluding the Azure Sphere Security Research Challenge, Microsoft Awards $374,300 to Global Security Research Community

The Azure Sphere Security Research Challenge brought together 70 researchers from 21 countries to help secure Azure Sphere customers and expand Microsoft’s partnerships with the global IoT security research community. During the three-month Azure Sphere Security Research Challenge, researchers...

0.4AI score
Exploits0
MSRC
MSRC
added 2020/10/06 7:0 a.m.11 views

Concluding the Azure Sphere Security Research Challenge, Microsoft Awards $374,300 to Global Security Research Community

The Azure Sphere Security Research Challenge brought together 70 researchers from 21 countries to help secure Azure Sphere customers and expand Microsoft’s partnerships with the global IoT security research community. During the three-month Azure Sphere Security Research Challenge, researchers...

6.9AI score
Exploits0
MSRC
MSRC
added 2020/10/06 7:0 a.m.11 views

Concluding the Azure Sphere Security Research Challenge, Microsoft Awards $374,300 to Global Security Research Community

The Azure Sphere Security Research Challenge brought together 70 researchers from 21 countries to help secure Azure Sphere customers and expand Microsoft’s partnerships with the global IoT security research community. During the three-month Azure Sphere Security Research Challenge, researchers...

0.2AI score
Exploits0
MSRC
MSRC
added 2020/09/21 10:24 p.m.47 views

New and improved Security Update Guide!

We’re excited to announce a significant update to the Security Update Guide, our one-stop site for information about all security updates provided by Microsoft. This new version will provide a more intuitive user experience to help protect our customers regardless of what Microsoft products or...

6.5AI score
Exploits0
MSRC
MSRC
added 2020/09/21 5:0 p.m.22 views

What to Expect When Reporting Vulnerabilities to Microsoft

At the Microsoft Security Response Center’s MSRC, our primary mission is to help protect our customers. One of the ways we do this is by working with security researchers to discover security vulnerabilities in our services and products, and then making sure those that pose a threat to customers...

1.8AI score
Exploits0
MSRC
MSRC
added 2020/09/21 7:0 a.m.9 views

What to Expect When Reporting Vulnerabilities to Microsoft

At the Microsoft Security Response Center’s MSRC, our primary mission is to help protect our customers. One of the ways we do this is by working with security researchers to discover security vulnerabilities in our services and products, and then making sure those that pose a threat to customers...

1.6AI score
Exploits0
MSRC
MSRC
added 2020/09/21 7:0 a.m.11 views

New and improved Security Update Guide!

We’re excited to announce a significant update to the Security Update Guide, our one-stop site for information about all security updates provided by Microsoft. This new version will provide a more intuitive user experience to help protect our customers regardless of what Microsoft products or...

6.6AI score
Exploits0
MSRC
MSRC
added 2020/09/21 7:0 a.m.11 views

New and improved Security Update Guide!

We’re excited to announce a significant update to the Security Update Guide, our one-stop site for information about all security updates provided by Microsoft. This new version will provide a more intuitive user experience to help protect our customers regardless of what Microsoft products or...

2.7AI score
Exploits0
MSRC
MSRC
added 2020/09/21 7:0 a.m.11 views

What to Expect When Reporting Vulnerabilities to Microsoft

At the Microsoft Security Response Center’s MSRC, our primary mission is to help protect our customers. One of the ways we do this is by working with security researchers to discover security vulnerabilities in our services and products, and then making sure those that pose a threat to customers...

6.9AI score
Exploits0
MSRC
MSRC
added 2020/09/14 7:0 a.m.49 views

[AD 管理者向け] CVE-2020-1472 Netlogon の対応ガイダンスの概要

2020 年 8 月の月例セキュリティ更新プログラム 2020 年 8 月 11 日 公開 米国時間 にて、Active Directory で利用され...

0.7AI score0.99512EPSS
Exploits75
MSRC
MSRC
added 2020/09/08 7:0 a.m.6 views

2020 年 9 月のセキュリティ更新プログラム (月例)

2020 年 9 月 9 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新情報を公開しました。 Microsoft...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/08/27 7:0 a.m.15 views

Local Administrator Password Solution (LAPS) 導入ガイド (日本語版)

Active Directory 管理者のみなさん、Local Administrator Password Solution LAPS ツールはご存じですか? LAPS ツールは、Active Directory AD に参加して...

1.8AI score
Exploits0
MSRC
MSRC
added 2020/08/17 4:45 p.m.25 views

Control Flow Guard for Clang/LLVM and Rust

As part of our ongoing efforts towards safer systems programming, we’re pleased to announce that Windows Control Flow Guard CFG support is now available in the Clang C/C++ compiler and Rust. What is Control Flow Guard? CFG is a platform security technology designed to enforce control flow...

1.4AI score
Exploits0
MSRC
MSRC
added 2020/08/17 7:0 a.m.10 views

Control Flow Guard for Clang/LLVM and Rust

As part of our ongoing efforts towards safer systems programming, we’re pleased to announce that Windows Control Flow Guard CFG support is now available in the Clang C/C++ compiler and Rust. What is Control Flow Guard? CFG is a platform security technology designed to enforce control flow...

7.3AI score
Exploits0
MSRC
MSRC
added 2020/08/17 7:0 a.m.16 views

Control Flow Guard for Clang/LLVM and Rust

As part of our ongoing efforts towards safer systems programming, we’re pleased to announce that Windows Control Flow Guard CFG support is now available in the Clang C/C++ compiler and Rust. What is Control Flow Guard? What is Control Flow Guard? CFG is a platform security technology designed to...

1.8AI score
Exploits0
MSRC
MSRC
added 2020/08/11 7:0 a.m.7 views

2020 年 8 月のセキュリティ更新プログラム (月例)

2020 年 8 月 12 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/08/05 4:0 p.m.23 views

Congratulations to the MSRC’s 2020 Most Valuable Security Researchers

Today we announce our Most Valuable Security Researchers for 2020! The MSRC Researcher Recognition program is an integral aspect of recognizing the ongoing partnerships with our community of talented security researchers who report through Coordinated Vulnerability Disclosure CVD. These...

1.5AI score
Exploits0
MSRC
MSRC
added 2020/08/05 7:0 a.m.9 views

Congratulations to the MSRC’s 2020 Most Valuable Security Researchers

Today we announce our Most Valuable Security Researchers for 2020! The MSRC Researcher Recognition program is an integral aspect of recognizing the ongoing partnerships with our community of talented security researchers who report through Coordinated Vulnerability Disclosure CVD. These...

7AI score
Exploits0
MSRC
MSRC
added 2020/08/05 7:0 a.m.10 views

Congratulations to the MSRC’s 2020 Most Valuable Security Researchers

Today we announce our Most Valuable Security Researchers for 2020! The MSRC Researcher Recognition program is an integral aspect of recognizing the ongoing partnerships with our community of talented security researchers who report through Coordinated Vulnerability Disclosure CVD. These...

1.8AI score
Exploits0
MSRC
MSRC
added 2020/08/04 3:58 p.m.21 views

Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards

Security researchers are a vital component of the cybersecurity ecosystem that safeguards every facet of digital life and commerce. The researchers who devote time to uncovering and reporting security issues before adversaries can exploit them have earned our collective respect and gratitude. The...

2.2AI score
Exploits0
MSRC
MSRC
added 2020/08/04 7:0 a.m.10 views

Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards

Security researchers are a vital component of the cybersecurity ecosystem that safeguards every facet of digital life and commerce. The researchers who devote time to uncovering and reporting security issues before adversaries can exploit them have earned our collective respect and gratitude. The...

2.4AI score
Exploits0
MSRC
MSRC
added 2020/08/04 7:0 a.m.14 views

Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards

Security researchers are a vital component of the cybersecurity ecosystem that safeguards every facet of digital life and commerce. The researchers who devote time to uncovering and reporting security issues before adversaries can exploit them have earned our collective respect and gratitude. The...

7AI score
Exploits0
MSRC
MSRC
added 2020/08/03 4:0 p.m.33 views

Microsoft Joins Open Source Security Foundation

Microsoft has invested in the security of open source software for many years and today I’m excited to share that Microsoft is joining industry partners to create the Open Source Security Foundation OpenSSF, a new cross-industry collaboration hosted at the Linux Foundation. The OpenSSF brings...

1.5AI score
Exploits0
MSRC
MSRC
added 2020/08/03 7:0 a.m.12 views

Microsoft Joins Open Source Security Foundation

Microsoft has invested in the security of open source software for many years and today I’m excited to share that Microsoft is joining industry partners to create the Open Source Security Foundation OpenSSF, a new cross-industry collaboration hosted at the Linux Foundation. The OpenSSF brings...

6.8AI score
Exploits0
MSRC
MSRC
added 2020/08/03 7:0 a.m.12 views

Microsoft Joins Open Source Security Foundation

Microsoft has invested in the security of open source software for many years and today I’m excited to share that Microsoft is joining industry partners to create the Open Source Security Foundation OpenSSF, a new cross-industry collaboration hosted at the Linux Foundation. The OpenSSF brings...

1.5AI score
Exploits0
MSRC
MSRC
added 2020/08/03 7:0 a.m.7 views

より安全な TLS 設定を利用しましょう

データを暗号化し安全にやり取りを行う Transport Layer Security TLS。本ブログでも、過去に何度かお知らせしてきたよう...

1.1AI score
Exploits0
MSRC
MSRC
added 2020/07/30 10:35 p.m.43 views

Black Hat 2020: See you in the Cloud!

It hardly feels like summer without the annual trip to Las Vegas for Black Hat USA. With this year’s event being totally cloud based, we won’t have the chance to catch up with security researchers, industry partners, and customers in person, an opportunity we look forward to every year. We’ll sti...

0.5AI score
Exploits0
MSRC
MSRC
added 2020/07/30 7:0 a.m.9 views

Black Hat 2020: See you in the Cloud!

It hardly feels like summer without the annual trip to Las Vegas for Black Hat USA. With this year’s event being totally cloud based, we won’t have the chance to catch up with security researchers, industry partners, and customers in person, an opportunity we look forward to every year. We’ll sti...

7AI score
Exploits0
MSRC
MSRC
added 2020/07/30 7:0 a.m.11 views

Black Hat 2020: See you in the Cloud!

It hardly feels like summer without the annual trip to Las Vegas for Black Hat USA. With this year’s event being totally cloud based, we won’t have the chance to catch up with security researchers, industry partners, and customers in person, an opportunity we look forward to every year. We’ll sti...

0.6AI score
Exploits0
MSRC
MSRC
added 2020/07/24 4:15 p.m.26 views

Updates to the Windows Insider Preview Bounty Program

Partnering with the research community is an important part of Microsoft’s holistic approach to defending against security threats. Bounty programs are one part of this partnership, designed to encourage and reward vulnerability research focused on the highest impact to customer security. The...

1.5AI score
Exploits0
MSRC
MSRC
added 2020/07/24 7:0 a.m.14 views

Updates to the Windows Insider Preview Bounty Program

Partnering with the research community is an important part of Microsoft’s holistic approach to defending against security threats. Bounty programs are one part of this partnership, designed to encourage and reward vulnerability research focused on the highest impact to customer security. The...

1.4AI score
Exploits0
MSRC
MSRC
added 2020/07/24 7:0 a.m.12 views

Updates to the Windows Insider Preview Bounty Program

Partnering with the research community is an important part of Microsoft’s holistic approach to defending against security threats. Bounty programs are one part of this partnership, designed to encourage and reward vulnerability research focused on the highest impact to customer security. The...

6.9AI score
Exploits0
MSRC
MSRC
added 2020/07/15 5:0 p.m.24 views

Top MSRC 2020 Q2 Security Researchers Announced – Congratulations!

We are excited to announce the top contributing researchers for the 2020 Second Quarter Q2! Congratulations to all the researchers who continue to rock the leaderboard, and a big thank you to everyone for your contribution to securing our customers and the ecosystem. The top three researchers of...

2.9AI score
Exploits0
MSRC
MSRC
added 2020/07/15 7:0 a.m.11 views

Top MSRC 2020 Q2 Security Researchers Announced – Congratulations!

We are excited to announce the top contributing researchers for the 2020 Second Quarter Q2! Congratulations to all the researchers who continue to rock the leaderboard, and a big thank you to everyone for your contribution to securing our customers and the ecosystem. The top three researchers of...

6.9AI score
Exploits0
MSRC
MSRC
added 2020/07/15 7:0 a.m.9 views

Top MSRC 2020 Q2 Security Researchers Announced – Congratulations!

We are excited to announce the top contributing researchers for the 2020 Second Quarter Q2! Congratulations to all the researchers who continue to rock the leaderboard, and a big thank you to everyone for your contribution to securing our customers and the ecosystem. The top three researchers of...

3.4AI score
Exploits0
MSRC
MSRC
added 2020/07/14 5:1 p.m.571 views

July 2020 Security Update: CVE-2020-1350 Vulnerability in Windows Domain Name System (DNS) Server

Today we released an update for CVE-2020-1350, a Critical Remote Code Execution RCE vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all...

10CVSS9.6AI score0.92178EPSS
Exploits21
MSRC
MSRC
added 2020/07/14 7:0 a.m.39 views

July 2020 Security Update: CVE-2020-1350 Vulnerability in Windows Domain Name System (DNS) Server

Today we released an update for CVE-2020-1350, a Critical Remote Code Execution RCE vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all...

10CVSS3.5AI score0.92178EPSS
Exploits21
MSRC
MSRC
added 2020/07/14 7:0 a.m.37 views

Windows DNS サーバーの脆弱性情報 CVE-2020-1350 に関する注意喚起

本記事は、「July 2020 Security Update: CVE-2020-1350 Vulnerability in Windows Domain Name System DNS Server」の日本語抄訳です。 本日、脆弱性情報 CVE-2020-1350 を公開し...

10CVSS2.1AI score0.92178EPSS
Exploits21
MSRC
MSRC
added 2020/07/14 7:0 a.m.33 views

July 2020 Security Update: CVE-2020-1350 Vulnerability in Windows Domain Name System (DNS) Server

Today we released an update for CVE-2020-1350, a Critical Remote Code Execution RCE vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all...

10CVSS7.5AI score0.92178EPSS
Exploits21
MSRC
MSRC
added 2020/07/14 7:0 a.m.13 views

2020 年 7 月のセキュリティ更新プログラム (月例)

2020 年 7 月 15 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2020/07/06 7:0 a.m.9 views

Security Update Validation Program (SUVP) のご紹介

本記事は、What is the Security Update Validation Program? の日本語抄訳です。 Security Update Validation Program は、マイクロソフトが毎月第二火曜 米国時間...

1.6AI score
Exploits0
MSRC
MSRC
added 2020/07/02 5:57 p.m.33 views

Solving Uninitialized Kernel Pool Memory on Windows

This blog post outlines the work that Microsoft is doing to eliminate uninitialized kernel pool memory vulnerabilities from Windows and why we’re on this path. For a background on why uninitialized memory matters and what options have been used in the past to tackle this issue, please see our...

3.5AI score
Exploits0
MSRC
MSRC
added 2020/07/02 7:0 a.m.11 views

Solving Uninitialized Kernel Pool Memory on Windows

This blog post outlines the work that Microsoft is doing to eliminate uninitialized kernel pool memory vulnerabilities from Windows and why we’re on this path. For a background on why uninitialized memory matters and what options have been used in the past to tackle this issue, please see our...

6.9AI score
Exploits0
MSRC
MSRC
added 2020/07/02 7:0 a.m.9 views

Solving Uninitialized Kernel Pool Memory on Windows

This blog post outlines the work that Microsoft is doing to eliminate uninitialized kernel pool memory vulnerabilities from Windows and why we’re on this path. For a background on why uninitialized memory matters and what options have been used in the past to tackle this issue, please see our...

4.6AI score
Exploits0
Total number of security vulnerabilities1371