1365 matches found
2020 年 IE, Edge で TLS 1.0, 1.1 での接続無効化。確認を!
こんにちは、垣内ゆりかです。 マイクロソフトでは、Transport Layer Security TLS 1.0, 1.1 の利用を廃止し、より安全...
[セキュリティ基本対策 5 か条] 第 5 条 バックアップの取得を設定する
注: この内容は一般の方を対象とした記述にしています。 今日はセキュリティ基本対策 5 か条の第 5 条「バック...
October 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...
2018 年 10 月のセキュリティ更新プログラム (月例)
2018 年 10 月 10 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
October 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...
October 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...
[セキュリティ基本対策 5 か条] 第 4 条 暗号化を行う
注: この内容は一般の方を対象とした記述にしています。 今日はセキュリティ基本対策 5 か条の第 4 条「暗号化...
Standing behind “MSRC Listens”
Last week at BlueHat’s “MSRC Listens” session, I took the stage with Mechele Gruhn, manager of the Vulnerability Response PM team, to explain how MSRC is changing our communication, workflows, and tooling to deliver an improved user experience for our partners in the security research community. ...
Standing behind “MSRC Listens”
Last week at BlueHat’s “MSRC Listens” session, I took the stage with Mechele Gruhn, manager of the Vulnerability Response PM team, to explain how MSRC is changing our communication, workflows, and tooling to deliver an improved user experience for our partners in the security research community. ...
Standing behind “MSRC Listens”
Last week at BlueHat’s “MSRC Listens” session, I took the stage with Mechele Gruhn, manager of the Vulnerability Response PM team, to explain how MSRC is changing our communication, workflows, and tooling to deliver an improved user experience for our partners in the security research community. ...
[セキュリティ基本対策 5 か条] 第 3 条 アカウントやパスワードを管理する
注: この内容は一般の方を対象とした記述にしています。 今日はセキュリティ基本対策 5 か条の第 3 条「アカウ...
Behind BlueHat: The Art
We are just one day away from the opening of BlueHat v18 and excitement is building. One of the questions that I have gotten more frequently the past couple years is about the artwork we use for BlueHat. So yes there is a theme. 😊 Starting in 2014, we introduced the Top Hat logo which the communi...
Behind BlueHat: The Art
We are just one day away from the opening of BlueHat v18 and excitement is building. One of the questions that I have gotten more frequently the past couple years is about the artwork we use for BlueHat. So yes there is a theme. 😊 Starting in 2014, we introduced the Top Hat logo which the communi...
[セキュリティ基本対策 5 か条] 第 2 条 アクション センターで PC のセキュリティやメンテナンス状況に問題がないかを確認する
注: この内容は一般の方を対象とした記述にしています。 今日はセキュリティ基本対策 5 か条の第 2 条「アクシ...
[セキュリティ基本対策 5 か条] 第 1 条 最新の状態で利用する
注: この内容は一般の方を対象とした記述にしています。 今日はセキュリティ基本対策 5 か条の第 1 条「最新の...
September 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...
September 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...
September 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...
2018 年 9 月のセキュリティ更新プログラム (月例)
2018 年 9 月 12 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
セキュリティ更新プログラム リリース スケジュール (2018 年)
概要 概要 セキュリティ更新プログラムは通常、米国日付の毎月第 2 火曜日に公開します。日本では、時差の関係...
Microsoft Security Servicing Criteria for Windows
One of our goals in the Microsoft Security Response Center MSRC is to be more transparent with security researchers and our customers on the criteria we use for determining when we intend to address a reported vulnerability through a security update. Our belief is that improving transparency on...
Microsoft Security Servicing Criteria for Windows
One of our goals in the Microsoft Security Response Center MSRC is to be more transparent with security researchers and our customers on the criteria we use for determining when we intend to address a reported vulnerability through a security update. Our belief is that improving transparency on...
Inside MSRC: Sharing Our Story & Customer Tips
For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...
Inside MSRC: Sharing Our Story & Customer Tips
For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...
Inside MSRC: Sharing Our Story & Customer Tips
For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...
2018 年 10 月 Office 365 で TLS 1.0, 1.1 での接続無効化。 最終確認を!
こんにちは、垣内ゆりかです。 マイクロソフトでは、Transport Layer Security TLS 1.0, 1.1 の利用を廃止し、より安全...
Vulnerability hunting with Semmle QL, part 1
Previously on this blog, we’ve talked about how MSRC automates the root cause analysis of vulnerabilities reported and found. After doing this, our next step is variant analysis: finding and investigating any variants of the vulnerability. It’s important that we find all such variants and patch...
Vulnerability hunting with Semmle QL, part 1
Previously on this blog, we’ve talked about how MSRC automates the root cause analysis of vulnerabilities reported and found. After doing this, our next step is variant analysis: finding and investigating any variants of the vulnerability. It’s important that we find all such variants and patch...
August 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...
August 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...
2018 年 8 月のセキュリティ更新プログラム (月例)
2018 年 8 月 15 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
August 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...
Analysis and mitigation of L1 Terminal Fault (L1TF)
In January 2018, Microsoft released an advisory and security updates for a new class of hardware vulnerabilities involving speculative execution side channels known as Spectre and Meltdown. In this blog post, we will provide a technical analysis of a new speculative execution side channel...
Analysis and mitigation of L1 Terminal Fault (L1TF)
In January 2018, Microsoft released an advisory and security updates for a new class of hardware vulnerabilities involving speculative execution side channels known as Spectre and Meltdown. In this blog post, we will provide a technical analysis of a new speculative execution side channel...
Microsoft’s Top 100 Security Researchers – Black Hat 2018 Edition
This morning we are excited to unveil the security researcher leaderboard at the Black Hat Security Conference. This list recognizes the top security researchers who have contributed research to the Microsoft products and services. If you are curious on how we build the list, check out our blog...
Microsoft’s Top 100 Security Researchers – Black Hat 2018 Edition
This morning we are excited to unveil the security researcher leaderboard at the Black Hat Security Conference. This list recognizes the top security researchers who have contributed research to the Microsoft products and services. If you are curious on how we build the list, check out our blog...
Microsoft’s Top 100 Security Researchers – Black Hat 2018 Edition
This morning we are excited to unveil the security researcher leaderboard at the Black Hat Security Conference. This list recognizes the top security researchers who have contributed research to the Microsoft products and services. If you are curious on how we build the list, check out our blog...
Announcing the BlueHat v18 Schedule
Where did the summer go? This year the BlueHat Security Conference moved forward in the schedule to late September. Next year it will settle into a steady orbit of early October moving forward. With that change in schedule, it is hard to believe that it is time to reveal the schedule for BlueHat...
Announcing the BlueHat v18 Schedule
Where did the summer go? This year the BlueHat Security Conference moved forward in the schedule to late September. Next year it will settle into a steady orbit of early October moving forward. With that change in schedule, it is hard to believe that it is time to reveal the schedule for BlueHat...
The Making of the Top 100 Researcher List
At Black Hat USA each year, we unveil the Top 100 Security Researcher list to reflect the amazing engagement we get from the community. During this period, we had several thousand researchers engage with the Microsoft Security Response Center MSRC. We appreciate all the partnership and coordinati...
The Making of the Top 100 Researcher List
At Black Hat USA each year, we unveil the Top 100 Security Researcher list to reflect the amazing engagement we get from the community. During this period, we had several thousand researchers engage with the Microsoft Security Response Center MSRC. We appreciate all the partnership and coordinati...
The Making of the Top 100 Researcher List
At Black Hat USA each year, we unveil the Top 100 Security Researcher list to reflect the amazing engagement we get from the community. During this period, we had several thousand researchers engage with the Microsoft Security Response Center MSRC. We appreciate all the partnership and coordinati...
Recognizing Q4 Top 5 Bounty Hunters
We have tabulated the results from April-June 2018. The Top 5 Bounty Hunters for Q4 are now in. As with our list from Q3, we want to recognize both the leaders in payouts and in number of successful submissions. We appreciate the hard work and dedication of the following individuals and companies...
Recognizing Q4 Top 5 Bounty Hunters
We have tabulated the results from April-June 2018. The Top 5 Bounty Hunters for Q4 are now in. As with our list from Q3, we want to recognize both the leaders in payouts and in number of successful submissions. We appreciate the hard work and dedication of the following individuals and companies...
Recognizing Q4 Top 5 Bounty Hunters
We have tabulated the results from April-June 2018. The Top 5 Bounty Hunters for Q4 are now in. As with our list from Q3, we want to recognize both the leaders in payouts and in number of successful submissions. We appreciate the hard work and dedication of the following individuals and companies...
EMET サポート終了 – Windows Defender Exploitation Guard へ移行を
こんにちは、垣内ゆりかです。 2009 年にリリースされて以来、最先端の攻撃緩和を追加する無償のツールとして、...
Microsoft launches Identity Bounty program
Modern security depends today on collaborative communication of identities and identity data within and across domains. A customer’s digital identity is often the key to accessing services and interacting across the internet. Microsoft has invested heavily in the security and privacy of both our...
Microsoft launches Identity Bounty program
Modern security depends today on collaborative communication of identities and identity data within and across domains. A customer’s digital identity is often the key to accessing services and interacting across the internet. Microsoft has invested heavily in the security and privacy of both our...
Microsoft launches Identity Bounty program
Modern security depends today on collaborative communication of identities and identity data within and across domains. A customer’s digital identity is often the key to accessing services and interacting across the internet. Microsoft has invested heavily in the security and privacy of both our...
July 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...