Lucene search
+L

1371 matches found

MSRC
MSRC
added 2019/08/13 5:7 p.m.750 views

Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)

Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution RCE vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability CVE-2019-0708, these two vulnerabilities are also ‘wormable’, meaning that a...

10CVSS2.5AI score0.99999EPSS
Exploits123
MSRC
MSRC
added 2019/08/13 5:5 p.m.87 views

August 2019 Security Updates

We have released the August security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windo...

2.6AI score
Exploits0
MSRC
MSRC
added 2019/08/13 7:0 a.m.54 views

Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)

Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution RCE vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability CVE-2019-0708, these two vulnerabilities are also ‘wormable’, meaning that a...

10CVSS9.6AI score0.99999EPSS
Exploits123
MSRC
MSRC
added 2019/08/13 7:0 a.m.50 views

Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)

Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution RCE vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability CVE-2019-0708, these two vulnerabilities are also ‘wormable’, meaning that a...

10CVSS2.1AI score0.99999EPSS
Exploits123
MSRC
MSRC
added 2019/08/13 7:0 a.m.10 views

August 2019 Security Updates

We have released the August security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windo...

3.4AI score
Exploits0
MSRC
MSRC
added 2019/08/13 7:0 a.m.12 views

2019 年 8 月のセキュリティ更新プログラム (月例)

2019 年 8 月 14 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/08/13 7:0 a.m.10 views

August 2019 Security Updates

We have released the August security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windo...

6.7AI score
Exploits0
MSRC
MSRC
added 2019/08/09 3:45 a.m.83 views

Microsoft Announces Top Three Contributing Partners in the Microsoft Active Protections Program (MAPP)

Today Microsoft announced the MAPP program Top Vulnerability Contributors, Top Threat Indicator Submitters, and Top Zero-Day Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through cooperation and...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/08/08 7:0 a.m.9 views

Microsoft Announces Top Three Contributing Partners in the Microsoft Active Protections Program (MAPP)

Today Microsoft announced the MAPP program Top Vulnerability Contributors, Top Threat Indicator Submitters, and Top Zero-Day Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through cooperation and...

6.9AI score
Exploits0
MSRC
MSRC
added 2019/08/08 7:0 a.m.7 views

Microsoft Announces Top Three Contributing Partners in the Microsoft Active Protections Program (MAPP)

Today Microsoft announced the MAPP program Top Vulnerability Contributors, Top Threat Indicator Submitters, and Top Zero-Day Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through cooperation and...

3.4AI score
Exploits0
MSRC
MSRC
added 2019/08/07 6:30 p.m.66 views

Announcing 2019 MSRC Most Valuable Security Researchers

Earlier today we announced MSRC’s 2018-2019 Most Valuable Security Researchers at Black Hat. The following 75 researchers hail from all corners of the world and possess varied experience and skills, yet all of them have contributed to securing the Microsoft’s customers and the broader ecosystem...

1.3AI score
Exploits0
MSRC
MSRC
added 2019/08/07 7:0 a.m.8 views

Announcing 2019 MSRC Most Valuable Security Researchers

Earlier today we announced MSRC’s 2018-2019 Most Valuable Security Researchers at Black Hat. The following 75 researchers hail from all corners of the world and possess varied experience and skills, yet all of them have contributed to securing the Microsoft’s customers and the broader ecosystem...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/08/07 7:0 a.m.6 views

Announcing 2019 MSRC Most Valuable Security Researchers

Earlier today we announced MSRC’s 2018-2019 Most Valuable Security Researchers at Black Hat. The following 75 researchers hail from all corners of the world and possess varied experience and skills, yet all of them have contributed to securing the Microsoft’s customers and the broader ecosystem...

1.1AI score
Exploits0
MSRC
MSRC
added 2019/08/05 4:27 p.m.52 views

Corporate IoT – a path to intrusion

Several sources estimate that by the year 2020 some 50 billion IoT devices will be deployed worldwide. IoT devices are purposefully designed to connect to a network and many are simply connected to the internet with little management or oversight. Such devices still must be identifiable,...

6.9AI score
Exploits0
MSRC
MSRC
added 2019/08/05 4:5 p.m.55 views

Azure Security Lab: a new space for Azure research and collaboration

Azure is exceptionally secure. To help keep it that way, we are doubling the top bounty reward for Azure vulnerabilities to $40,000. But we aren’t stopping there. To make it easier for security researchers to confidently and aggressively test Azure, we are inviting a select group of talented...

1.2AI score
Exploits0
MSRC
MSRC
added 2019/08/05 7:0 a.m.12 views

Corporate IoT - a path to intrusion

Several sources estimate that by the year 2020 some 50 billion IoT devices will be deployed worldwide. IoT devices are purposefully designed to connect to a network and many are simply connected to the internet with little management or oversight. Such devices still must be identifiable,...

6.9AI score
Exploits0
MSRC
MSRC
added 2019/08/05 7:0 a.m.6 views

Azure Security Lab: a new space for Azure research and collaboration

Azure is exceptionally secure. To help keep it that way, we are doubling the top bounty reward for Azure vulnerabilities to $40,000. But we aren’t stopping there. To make it easier for security researchers to confidently and aggressively test Azure, we are inviting a select group of talented...

7AI score
Exploits0
MSRC
MSRC
added 2019/08/05 7:0 a.m.14 views

Azure Security Lab: a new space for Azure research and collaboration

Azure is exceptionally secure. To help keep it that way, we are doubling the top bounty reward for Azure vulnerabilities to $40,000. But we aren’t stopping there. To make it easier for security researchers to confidently and aggressively test Azure, we are inviting a select group of talented...

1.3AI score
Exploits0
MSRC
MSRC
added 2019/08/05 7:0 a.m.7 views

Corporate IoT - a path to intrusion

Several sources estimate that by the year 2020 some 50 billion IoT devices will be deployed worldwide. IoT devices are purposefully designed to connect to a network and many are simply connected to the internet with little management or oversight. Such devices still must be identifiable,...

3.2AI score
Exploits0
MSRC
MSRC
added 2019/07/30 9:29 p.m.97 views

Recognizing Security Researchers in 2019

Who’s going to be on the Most Valuable Security Researcher list at Black Hat USA 2019? We’re not announcing the names—yet—but this is how we’ll determine who’s there. How do we define the Most Valuable Security Researchers? The list at Black Hat will be the top tier of researchers based on not ju...

1.4AI score
Exploits0
MSRC
MSRC
added 2019/07/30 7:0 a.m.9 views

Recognizing Security Researchers in 2019

Who’s going to be on the Most Valuable Security Researcher list at Black Hat USA 2019? We’re not announcing the names—yet—but this is how we’ll determine who’s there. How do we define the Most Valuable Security Researchers? The list at Black Hat will be the top tier of researchers based on not ju...

7AI score
Exploits0
MSRC
MSRC
added 2019/07/30 7:0 a.m.15 views

Recognizing Security Researchers in 2019

Who’s going to be on the Most Valuable Security Researcher list at Black Hat USA 2019? We’re not announcing the names—yet—but this is how we’ll determine who’s there. How do we define the Most Valuable Security Researchers? The list at Black Hat will be the top tier of researchers based on not ju...

1.7AI score
Exploits0
MSRC
MSRC
added 2019/07/29 11:58 p.m.65 views

Meet the MSRC at Black Hat 2019

We’re getting close to Black Hat, and we hope to see you there. Here’s where you can find members of the Microsoft Security Response Center if you’d like to say hello, ask a question about a report you made, discuss a recent blog article, or just show us pictures of your dog. Wednesday, August 7 ...

1.7AI score
Exploits0
MSRC
MSRC
added 2019/07/29 7:34 p.m.68 views

It’s Official – The Way We Recognize Our Security Researchers

We deeply appreciate the partnership of the many talented security researchers who report vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure. We pay bounties for research in key areas, and each year at Black Hat USA, we’ve recognized the most impactful researchers helping t...

1.4AI score
Exploits0
MSRC
MSRC
added 2019/07/29 7:0 a.m.10 views

It’s Official – The Way We Recognize Our Security Researchers

We deeply appreciate the partnership of the many talented security researchers who report vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure. We pay bounties for research in key areas, and each year at Black Hat USA, we’ve recognized the most impactful researchers helping t...

1.5AI score
Exploits0
MSRC
MSRC
added 2019/07/29 7:0 a.m.11 views

It’s Official – The Way We Recognize Our Security Researchers

We deeply appreciate the partnership of the many talented security researchers who report vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure. We pay bounties for research in key areas, and each year at Black Hat USA, we’ve recognized the most impactful researchers helping t...

7.1AI score
Exploits0
MSRC
MSRC
added 2019/07/29 7:0 a.m.12 views

Meet the MSRC at Black Hat 2019

We’re getting close to Black Hat, and we hope to see you there. Here’s where you can find members of the Microsoft Security Response Center if you’d like to say hello, ask a question about a report you made, discuss a recent blog article, or just show us pictures of your dog...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/07/29 7:0 a.m.11 views

Meet the MSRC at Black Hat 2019

We’re getting close to Black Hat, and we hope to see you there. Here’s where you can find members of the Microsoft Security Response Center if you’d like to say hello, ask a question about a report you made, discuss a recent blog article, or just show us pictures of your dog...

1.5AI score
Exploits0
MSRC
MSRC
added 2019/07/25 9:51 p.m.94 views

Microsoft Announces Top Contributing Partners in the Microsoft Active Protections Program (MAPP)

Today we announce the top organizational candidates for Vulnerability Top Contributors, Threat Indicator Top Submitters, and Zero-Day Top Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through...

6.9AI score
Exploits0
MSRC
MSRC
added 2019/07/25 7:0 a.m.9 views

Microsoft Announces Top Contributing Partners in the Microsoft Active Protections Program (MAPP)

Today we announce the top organizational candidates for Vulnerability Top Contributors, Threat Indicator Top Submitters, and Zero-Day Top Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through...

6.9AI score
Exploits0
MSRC
MSRC
added 2019/07/25 7:0 a.m.14 views

Microsoft Announces Top Contributing Partners in the Microsoft Active Protections Program (MAPP)

Today we announce the top organizational candidates for Vulnerability Top Contributors, Threat Indicator Top Submitters, and Zero-Day Top Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through...

2.3AI score
Exploits0
MSRC
MSRC
added 2019/07/22 7:19 p.m.88 views

Why Rust for safe systems programming

In this series, we have explored the need for proactive measures to eliminate a class of vulnerabilities and walked through some examples of memory safety issues we’ve found in Microsoft code that could have been avoided with a different language. Now we’ll peek at why we think that Rust represen...

2.5AI score
Exploits0
MSRC
MSRC
added 2019/07/22 6:12 p.m.84 views

Time zone updates for Brazil are available for 2019/2020

The June 2019 update provides below changes for Brazil Daylight Savings Time DST. Brazil has decided to no longer follow DST. DST won’t start on the first Sunday of November 2019 as previously scheduled. More details about latest DST changes for Brazil can be found here. To reflect these changes...

7AI score
Exploits0
MSRC
MSRC
added 2019/07/22 7:0 a.m.15 views

Why Rust for safe systems programming

In this series, we have explored the need for proactive measures to eliminate a class of vulnerabilities and walked through some examples of memory safety issues we’ve found in Microsoft code that could have been avoided with a different language. Now we’ll peek at why we think that Rust represen...

2.6AI score
Exploits0
MSRC
MSRC
added 2019/07/22 7:0 a.m.12 views

Why Rust for safe systems programming

In this series, we have explored the need for proactive measures to eliminate a class of vulnerabilities and walked through some examples of memory safety issues we’ve found in Microsoft code that could have been avoided with a different language. Now we’ll peek at why we think that Rust represen...

7.4AI score
Exploits0
MSRC
MSRC
added 2019/07/18 7:57 p.m.94 views

We need a safer systems programming language

In our first post in this series, we discussed the need for proactively addressing memory safety issues. Tools and guidance are demonstrably not preventing this class of vulnerabilities; memory safety issues have represented almost the same proportion of vulnerabilities assigned a CVE for over a...

1.7AI score
Exploits0
MSRC
MSRC
added 2019/07/18 7:0 a.m.14 views

We need a safer systems programming language

In our first post in this series, we discussed the need for proactively addressing memory safety issues. Tools and guidance are demonstrably not preventing this class of vulnerabilities; memory safety issues have represented almost the same proportion of vulnerabilities assigned a CVE for over a...

2.1AI score
Exploits0
MSRC
MSRC
added 2019/07/18 7:0 a.m.8 views

We need a safer systems programming language

In our first post in this series, we discussed the need for proactively addressing memory safety issues. Tools and guidance are demonstrably not preventing this class of vulnerabilities; memory safety issues have represented almost the same proportion of vulnerabilities assigned a CVE for over a...

7.3AI score
Exploits0
MSRC
MSRC
added 2019/07/17 8:49 p.m.130 views

Announcing the Microsoft Dynamics 365 Bounty program

One of Microsoft’s many security investments to protect customers is in the partnerships we build with the external security research community. We are excited to announce the launch of the Dynamics 365 Bounty program and welcome researchers to seek out and disclose any high impact vulnerabilitie...

0.9AI score
Exploits0
MSRC
MSRC
added 2019/07/17 7:0 a.m.12 views

Announcing the Microsoft Dynamics 365 Bounty program

One of Microsoft’s many security investments to protect customers is in the partnerships we build with the external security research community. We are excited to announce the launch of theDynamics 365 Bounty program and welcome researchers to seek out and disclose any high impact vulnerabilities...

7AI score
Exploits0
MSRC
MSRC
added 2019/07/17 7:0 a.m.12 views

Announcing the Microsoft Dynamics 365 Bounty program

One of Microsoft’s many security investments to protect customers is in the partnerships we build with the external security research community. We are excited to announce the launch of theDynamics 365 Bounty program and welcome researchers to seek out and disclose any high impact vulnerabilities...

0.9AI score
Exploits0
MSRC
MSRC
added 2019/07/16 8:49 p.m.103 views

A proactive approach to more secure code

What if we could eliminate an entire class of vulnerabilities before they ever happened? Since 2004, the Microsoft Security Response Centre MSRC has triaged every reported Microsoft security vulnerability. From all that triage one astonishing fact sticks out: as Matt Miller discussed in his 2019...

1.3AI score
Exploits0
MSRC
MSRC
added 2019/07/16 7:0 a.m.11 views

A proactive approach to more secure code

What if we could eliminate an entire class of vulnerabilities before they ever happened? Since 2004, the Microsoft Security Response Centre MSRC has triaged every reported Microsoft security vulnerability. From all that triage one astonishing fact sticks out: as Matt Miller discussed in his 2019...

7.2AI score
Exploits0
MSRC
MSRC
added 2019/07/16 7:0 a.m.15 views

A proactive approach to more secure code

What if we could eliminate an entire class of vulnerabilities before they ever happened? Since 2004, the Microsoft Security Response Centre MSRC has triaged every reported Microsoft security vulnerability. From all that triage one astonishing fact sticks out: as Matt Miller discussed in his 2019...

1AI score
Exploits0
MSRC
MSRC
added 2019/07/09 11:46 p.m.74 views

2019 年 7 月のセキュリティ更新プログラム (月例)

2019 年 7 月 10 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しました。...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/07/09 5:0 p.m.46 views

July 2019 Security Update Release

We have released the July security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide...

3AI score
Exploits0
MSRC
MSRC
added 2019/07/09 7:0 a.m.9 views

2019 年 7 月のセキュリティ更新プログラム (月例)

2019 年 7 月 10 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/07/09 7:0 a.m.8 views

日本セキュリティチーム ブログ移行のお知らせ

平素より、日本セキュリティチーム ブログをご愛読いただきありがとうございます。 日本セキュリティチーム ブ...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/07/09 7:0 a.m.9 views

July 2019 Security Update Release

We have released the July security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide...

3AI score
Exploits0
MSRC
MSRC
added 2019/07/09 7:0 a.m.12 views

July 2019 Security Update Release

We have released the July security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide...

6.7AI score
Exploits0
Total number of security vulnerabilities1371