Lucene search
+L

1371 matches found

MSRC
MSRC
added 2019/07/09 4:18 a.m.32 views

日本セキュリティチーム ブログ移行のお知らせ

日本セキュリティチーム ブログが、新しいプラットフォームに移行してアドレスが変更になりました。旧アドレス https://blogs.technet.microsoft.com/jpsecurity/ をブラウザのお気に入りに登録や、RSS フィードの登録等で利用されている方は、お手数ですが、新たなアドレス https://aka.ms/jpsecurity へ変更をお願いします。...

7.3AI score
Exploits0
MSRC
MSRC
added 2019/07/02 12:5 a.m.16 views

Inside the MSRC – Building your own security incident response process

This is the third and last in a series of posts that looks at how Microsoft responds to elevated threats to customers through the Microsoft Security Response Center’s MSRC Software and Services Incident Response Plan SSIRP. Our previous posts discussed how Microsoft protects customers against...

2.3AI score
Exploits0
MSRC
MSRC
added 2019/07/01 7:0 a.m.8 views

Inside the MSRC – Building your own security incident response process

This is the third and last in a series of posts that looks at how Microsoft responds to elevated threats to customers through the Microsoft Security Response Center’s MSRC Software and Services Incident Response Plan SSIRP. Our previous posts discussed how Microsoft protects customers against...

2.2AI score
Exploits0
MSRC
MSRC
added 2019/07/01 7:0 a.m.8 views

Inside the MSRC – Building your own security incident response process

This is the third and last in a series of posts that looks at how Microsoft responds to elevated threats to customers through the Microsoft Security Response Center’s MSRC Software and Services Incident Response Plan SSIRP. Our previous posts discussed how Microsoft protects customers against...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/06/27 5:8 p.m.20 views

Inside the MSRC – Anatomy of a SSIRP incident

This is the second in a series of blog posts that shares how the MSRC responds to elevated threats to customers through the Software and Services Incident Response Plan SSIRP. In our last blog post, we looked at the history of the Microsoft Security Response Center and SSIRP, and how Microsoft...

1.3AI score
Exploits0
MSRC
MSRC
added 2019/06/27 7:0 a.m.17 views

Inside the MSRC – Anatomy of a SSIRP incident

This is the second in a series of blog posts that shares how the MSRC responds to elevated threats to customers through the Software and Services Incident Response Plan SSIRP. In ourlast blog post, we looked at the history of the Microsoft Security Response Center and SSIRP, and how Microsoft tak...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/06/27 7:0 a.m.26 views

Inside the MSRC – Anatomy of a SSIRP incident

This is the second in a series of blog posts that shares how the MSRC responds to elevated threats to customers through the Software and Services Incident Response Plan SSIRP. In ourlast blog post, we looked at the history of the Microsoft Security Response Center and SSIRP, and how Microsoft tak...

1.8AI score
Exploits0
MSRC
MSRC
added 2019/06/25 9:21 p.m.14 views

Inside the MSRC – Customer-centric incident response

The Microsoft Security Response Center MSRC is an integral part of Microsoft’s Cyber Defense Operations Center CDOC that brings together security response experts from across the company to help protect, detect, and respond to threats in real-time. Staffed with dedicated teams 24×7, the CDOC has...

0.7AI score
Exploits0
MSRC
MSRC
added 2019/06/25 7:0 a.m.11 views

Inside the MSRC – Customer-centric incident response

The Microsoft Security Response Center MSRC is an integral part of Microsoft’s Cyber Defense Operations Center CDOC that brings together security response experts from across the company to help protect, detect, and respond to threats in real-time. Staffed with dedicated teams 24x7, the CDOC has...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/06/25 7:0 a.m.14 views

Inside the MSRC – Customer-centric incident response

The Microsoft Security Response Center MSRC is an integral part of Microsoft’s Cyber Defense Operations Center CDOC that brings together security response experts from across the company to help protect, detect, and respond to threats in real-time. Staffed with dedicated teams 24x7, the CDOC has...

0.4AI score
Exploits0
MSRC
MSRC
added 2019/06/15 3:48 a.m.372 views

Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149)

This week, MSRC confirmed the presence of an active Linux worm leveraging a critical Remote Code Execution RCE vulnerability, CVE-2019-10149, in Linux Exim email servers running Exim version 4.87 to 4.91. Microsoft Azure infrastructure and Services are not affected; only customer’s Linux IaaS...

7.5CVSS1AI score0.99961EPSS
Exploits27
MSRC
MSRC
added 2019/06/14 12:27 a.m.68 views

Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149)

This week, MSRC confirmed the presence of an active Linux worm leveraging a critical Remote Code Execution RCE vulnerability, CVE-2019-10149, in Linux Exim email servers running Exim version 4.87 to 4.91. Microsoft Azure infrastructure and Services are not affected; only customer’s Linux IaaS...

7.5CVSS3.9AI score0.99961EPSS
Exploits27
MSRC
MSRC
added 2019/06/13 7:0 a.m.33 views

Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149)

This week, MSRC confirmed the presence of an active Linux worm leveraging a critical Remote Code Execution RCE vulnerability, CVE-2019-10149, in Linux Exim email servers running Exim version 4.87 to 4.91. Microsoft Azure infrastructure and Services are not affected; only customer’s Linux IaaS...

10CVSS7.5AI score0.99961EPSS
Exploits27
MSRC
MSRC
added 2019/06/13 7:0 a.m.57 views

Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149)

This week, MSRC confirmed the presence of an active Linux worm leveraging a critical Remote Code Execution RCE vulnerability, CVE-2019-10149, in Linux Exim email servers running Exim version 4.87 to 4.91. Microsoft Azure infrastructure and Services are not affected; only customer’s Linux IaaS...

10CVSS5AI score0.99961EPSS
Exploits27
MSRC
MSRC
added 2019/06/11 11:48 p.m.18 views

2019 年 6 月のセキュリティ更新プログラム (月例)

2019 年 6 月 12 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しました。...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/06/11 5:0 p.m.15 views

June 2019 security update release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

2.9AI score
Exploits0
MSRC
MSRC
added 2019/06/11 7:0 a.m.13 views

June 2019 security update release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

2.9AI score
Exploits0
MSRC
MSRC
added 2019/06/11 7:0 a.m.6 views

June 2019 security update release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

6.7AI score
Exploits0
MSRC
MSRC
added 2019/06/11 7:0 a.m.7 views

2019 年 6 月のセキュリティ更新プログラム (月例)

2019 年 6 月 12 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/05/31 5:19 p.m.125 views

BlueHat Shanghai 2019: Amplifying the power of defensive partnerships around the world

Earlier this week BlueHat Shanghai brought together security researchers and hundreds of cybersecurity professionals from China and across Asia to explore the latest topics in cybersecurity research. Including presentations from Qihoo 360, Baidu, Alibaba and the Chinese Academy of Sciences, BlueH...

7.5AI score
Exploits0
MSRC
MSRC
added 2019/05/31 7:0 a.m.15 views

BlueHat Shanghai 2019: Amplifying the power of defensive partnerships around the world

Earlier this week BlueHat Shanghai brought together security researchers and hundreds of cybersecurity professionals from China and across Asia to explore the latest topics in cybersecurity research. Including presentations from Qihoo 360, Baidu, Alibaba and the Chinese Academy of Sciences, BlueH...

0.8AI score
Exploits0
MSRC
MSRC
added 2019/05/31 7:0 a.m.55 views

A Reminder to Update Your Systems to Prevent a Worm

On May 14, Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. In our previous blog post on this topic we warned that the vulnerability is...

10CVSS2.7AI score0.99999EPSS
Exploits123
MSRC
MSRC
added 2019/05/31 7:0 a.m.12 views

BlueHat Shanghai 2019: Amplifying the power of defensive partnerships around the world

Earlier this week BlueHat Shanghai brought together security researchers and hundreds of cybersecurity professionals from China and across Asia to explore the latest topics in cybersecurity research. Including presentations from Qihoo 360, Baidu, Alibaba and the Chinese Academy of Sciences, BlueH...

7AI score
Exploits0
MSRC
MSRC
added 2019/05/31 7:0 a.m.46 views

A Reminder to Update Your Systems to Prevent a Worm

On May 14, Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. In our previous blog post on this topic we warned that the vulnerability is...

10CVSS9.4AI score0.99999EPSS
Exploits123
MSRC
MSRC
added 2019/05/31 5:53 a.m.282 views

A Reminder to Update Your Systems to Prevent a Worm

On May 14, Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. In our previous blog post on this topic we warned that the vulnerability is...

10CVSS1.7AI score0.99999EPSS
Exploits123
MSRC
MSRC
added 2019/05/30 7:30 a.m.76 views

Microsoft Launches a New Recognition Program for MAPP Partners

There are many dedicated people and organizations who contribute to the protection and security of our common customers. For years, Microsoft has recognized security researchers for helping protect the ecosystem. Now, we’re announcing the launch of a new program to better recognize and thank...

Exploits0
MSRC
MSRC
added 2019/05/30 7:0 a.m.9 views

Microsoft Launches a New Recognition Program for MAPP Partners

There are many dedicated people and organizations who contribute to the protection and security of our common customers. For years, Microsoft has recognized security researchers for helping protect the ecosystem. Now, we’re announcing the launch of a new program to better recognize and thank...

6.9AI score
Exploits0
MSRC
MSRC
added 2019/05/30 7:0 a.m.10 views

Microsoft Launches a New Recognition Program for MAPP Partners

There are many dedicated people and organizations who contribute to the protection and security of our common customers. For years, Microsoft has recognized security researchers for helping protect the ecosystem. Now, we’re announcing the launch of a new program to better recognize and thank...

2.6AI score
Exploits0
MSRC
MSRC
added 2019/05/29 5:33 p.m.15 views

Time travel debugging: It’s a blast! (from the past)

The Microsoft Security Response Center MSRC works to assess vulnerabilities that are externally reported to us as quickly as possible, but time can be lost if we have to confirm details of the repro steps or environment with the researcher to reproduce the vulnerability. Microsoft has made our...

1.5AI score
Exploits0
MSRC
MSRC
added 2019/05/29 7:0 a.m.10 views

Time travel debugging: It’s a blast! (from the past)

The Microsoft Security Response Center MSRC works to assess vulnerabilities that are externally reported to us as quickly as possible, but time can be lost if we have to confirm details of the repro steps or environment with the researcher to reproduce the vulnerability. Microsoft has made our...

7AI score
Exploits0
MSRC
MSRC
added 2019/05/29 7:0 a.m.9 views

Time travel debugging: It’s a blast! (from the past)

The Microsoft Security Response Center MSRC works to assess vulnerabilities that are externally reported to us as quickly as possible, but time can be lost if we have to confirm details of the repro steps or environment with the researcher to reproduce the vulnerability. Microsoft has made our...

0.2AI score
Exploits0
MSRC
MSRC
added 2019/05/14 5:5 p.m.325 views

Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)

Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol RDP itself is not vulnerable. This vulnerability is...

10CVSS2.5AI score0.99999EPSS
Exploits123
MSRC
MSRC
added 2019/05/14 5:0 p.m.42 views

May 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

3AI score
Exploits0
MSRC
MSRC
added 2019/05/14 7:0 a.m.14 views

May 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

3AI score
Exploits0
MSRC
MSRC
added 2019/05/14 7:0 a.m.10 views

May 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...

6.7AI score
Exploits0
MSRC
MSRC
added 2019/05/14 7:0 a.m.12 views

2019 年 5 月のセキュリティ更新プログラム (月例)

2019 年 5 月 15 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/05/14 7:0 a.m.49 views

Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)

Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol RDP itself is not vulnerable. This vulnerability is...

10CVSS2.9AI score0.99999EPSS
Exploits123
MSRC
MSRC
added 2019/05/14 7:0 a.m.69 views

Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)

Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol RDP itself is not vulnerable. This vulnerability is...

10CVSS9.4AI score0.99999EPSS
Exploits123
MSRC
MSRC
added 2019/04/09 5:42 p.m.49 views

April 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Tags Security Advisory Securi...

3.2AI score
Exploits0
MSRC
MSRC
added 2019/04/09 7:0 a.m.6 views

2019 年 4 月のセキュリティ更新プログラム (月例)

2019 年 4 月 10 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/04/09 7:0 a.m.12 views

April 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Tags Security Advisory Securi...

3.2AI score
Exploits0
MSRC
MSRC
added 2019/04/09 7:0 a.m.18 views

April 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Tags Security Advisory Securi...

6.7AI score
Exploits0
MSRC
MSRC
added 2019/04/02 10:32 p.m.88 views

Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards

In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the security research...

7.4AI score
Exploits0
MSRC
MSRC
added 2019/04/02 7:0 a.m.11 views

Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards

In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the security research...

6.8AI score
Exploits0
MSRC
MSRC
added 2019/04/02 7:0 a.m.8 views

Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards

In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the security research...

0.3AI score
Exploits0
MSRC
MSRC
added 2019/03/19 7:0 a.m.8 views

Vulnerability hunting with Semmle QL, part 2

The first part of this series introduced Semmle QL, and how the Microsoft Security Response Center MSRC are using it to investigate variants of vulnerabilities reported to us. This post discusses an example of how we’ve been using it proactively, covering a security audit of an Azure firmware...

6.9AI score
Exploits0
MSRC
MSRC
added 2019/03/19 7:0 a.m.10 views

Vulnerability hunting with Semmle QL, part 2

The first part of this series introduced Semmle QL, and how the Microsoft Security Response Center MSRC are using it to investigate variants of vulnerabilities reported to us. This post discusses an example of how we’ve been using it proactively, covering a security audit of an Azure firmware...

2.8AI score
Exploits0
MSRC
MSRC
added 2019/03/16 2:56 a.m.210 views

Join Microsoft Security Response at the Product Security Operations forum at LocoMocoSec!

The MSRC is more than managing vulnerability reports, publishing Microsoft security updates, and defending the cloud. The MSRC is passionate about helping everyone improve internal engineering practices and supporting the defender community, and are excited to partner with Blackberry to host a...

Exploits0
MSRC
MSRC
added 2019/03/15 7:0 a.m.8 views

Join Microsoft Security Response at the Product Security Operations forum at LocoMocoSec!

The MSRC is more than managing vulnerability reports, publishing Microsoft security updates, and defending the cloud. The MSRC is passionate about helping everyone improve internal engineering practices and supporting the defender community, and are excited to partner with Blackberry to host a...

1AI score
Exploits0
MSRC
MSRC
added 2019/03/15 7:0 a.m.7 views

Join Microsoft Security Response at the Product Security Operations forum at LocoMocoSec!

The MSRC is more than managing vulnerability reports, publishing Microsoft security updates, and defending the cloud. The MSRC is passionate about helping everyone improve internal engineering practices and supporting the defender community, and are excited to partner with Blackberry to host a...

6.8AI score
Exploits0
Total number of security vulnerabilities1371