1365 matches found
2018 年 7 月のセキュリティ更新プログラム (月例)
2018 年 7 月 11 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
July 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...
July 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...
Announcing Changes to Microsoft’s Mitigation Bypass Bounty
Today we’re announcing a change to the Mitigation Bypass Bounty that removes Control Flow Guard CFG from the set of in-scope mitigations. In this blog, we’ll provide additional background and explain why we’re making this change. Mitigation Bypass Bounty Background Microsoft started the Mitigatio...
Announcing Changes to Microsoft’s Mitigation Bypass Bounty
Today we’re announcing a change to the Mitigation Bypass Bounty that removes Control Flow Guard CFG from the set of in-scope mitigations. In this blog, we’ll provide additional background and explain why we’re making this change. Mitigation Bypass Bounty Background Mitigation Bypass Bounty...
June 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...
2018 年 6 月のセキュリティ更新プログラム (月例)
2018/6/21 更新: 2 件のセキュリティ アドバイザリ ADV180016 および ADV180010 の情報を追加しました。 -------------- 2018 年 6 月 13 日 日本時間、マ...
June 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...
Draft of Microsoft Security Servicing Commitments for Windows
Updated September 10, 2018 The Servicing Criteria for Windows has transitioned to an official document and can be found at the link below. Microsoft thanks the members of the research community who provided feedback on the draft copy. Microsoft Security Servicing Criteria for Windows...
June 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...
Draft of Microsoft Security Servicing Commitments for Windows
Updated September 10, 2018 The Servicing Criteria for Windows has transitioned to an official document and can be found at the link below. Microsoft thanks the members of the research community who provided feedback on the draft copy. Microsoft Security Servicing Criteria for Windows...
Analysis and mitigation of speculative store bypass (CVE-2018-3639)
In January, 2018, Microsoft published an advisory and security updates for a new class of hardware vulnerabilities involving speculative execution side channels known as Spectre and Meltdown. In this blog post, we will provide a technical analysis of an additional subclass of speculative executio...
Analysis and mitigation of speculative store bypass (CVE-2018-3639)
In January, 2018, Microsoft published an advisory and security updates for a new class of hardware vulnerabilities involving speculative execution side channels known as Spectre and Meltdown. In this blog post, we will provide a technical analysis of an additional subclass of speculative executio...
May 2018 security update release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...
May 2018 security update release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...
May 2018 security update release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...
2018 年 5 月のセキュリティ更新プログラム (月例)
2018 年 5 月 9 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
BlueHat v18 Announced & Call for Papers Opens
We are back! Microsoft is excited to announce the next installment of the BlueHat Security Conference – BlueHat v18. We will be holding the event at Microsoft’s headquarter campus September 25-27, 2018. This year we are adding the option for workshops and networking on the first day prior to the...
BlueHat v18 Announced & Call for Papers Opens
We are back! Microsoft is excited to announce the next installment of the BlueHat Security Conference – BlueHat v18. We will be holding the event at Microsoft’s headquarter campus September 25-27, 2018. This year we are adding the option for workshops and networking on the first day prior to the...
Hyper-V Debugging Symbols Are Publicly Available
The security of Microsoft’s cloud services is a top priority for us. One of the technologies that is central to cloud security is Microsoft Hyper-V which we use to isolate tenants from one another in the cloud. Given the importance of this technology, Microsoft has made and continues to make...
Hyper-V Debugging Symbols Are Publicly Available
The security of Microsoft’s cloud services is a top priority for us. One of the technologies that is central to cloud security is Microsoft Hyper-V which we use to isolate tenants from one another in the cloud. Given the importance of this technology, Microsoft has made and continues to make...
Recognizing Q3 Top 5 Bounty Hunters
Throughout the year, security researchers submit some amazing work to us under the Microsoft Bug Bounty program. Starting this quarter, we want to give a shout out to and acknowledge the hard work and dedication of the following individuals and companies who have contributed to securing Microsoft...
Recognizing Q3 Top 5 Bounty Hunters
Throughout the year, security researchers submit some amazing work to us under the Microsoft Bug Bounty program. Starting this quarter, we want to give a shout out to and acknowledge the hard work and dedication of the following individuals and companies who have contributed to securing Microsoft...
Recognizing Q3 Top 5 Bounty Hunters
Throughout the year, security researchers submit some amazing work to us under the Microsoft Bug Bounty program. Starting this quarter, we want to give a shout out to and acknowledge the hard work and dedication of the following individuals and companies who have contributed to securing Microsoft...
「Emotet」の大規模感染を阻止した人工知能のしくみ
本記事は、Microsoft Secure のブログ “How artificial intelligence stopped an Emotet outbreak” 2018 年 2 月 14 日 米国時間公開...
挙動監視と機械学習で大規模な「Dofoil」によるコイン マイニング攻撃を阻止
本記事は、Microsoft Secure のブログ “Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign” 2018 年...
April 2018 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...
April 2018 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...
2018 年 4 月のセキュリティ更新プログラム (月例)
2018 年 4 月 11 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
April 2018 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...
DLL の植え付けの脆弱性のトリアージ
本記事は、Security Research & Defense のブログ “Triaging a DLL planting vulnerability” 2018 年 4 月...
Triaging a DLL planting vulnerability
DLL planting aka binary planting/hijacking/preloading resurface every now and then, it is not always clear on how Microsoft will respond to the report. This blog post will try to clarify the parameters considered while triaging DLL planting issues. It is well known that when an application loads ...
Triaging a DLL planting vulnerability
DLL planting aka binary planting/hijacking/preloading resurface every now and then, it is not always clear on how Microsoft will respond to the report. This blog post will try to clarify the parameters considered while triaging DLL planting issues. It is well known that when an application loads ...
KVA Shadow: Mitigating Meltdown on Windows
On January 3rd, 2018, Microsoft released an advisory and security updates that relate to a new class of discovered hardware vulnerabilities, termed speculative execution side channels, that affect the design methodology and implementation decisions behind many modern microprocessors. This post...
投機的実行に関する報奨金プログラムの開始
本記事は、Microsoft Security Response Center のブログ “Speculative Execution Bounty Launch” 2016 年 3 月 14 日 米国...
KVA Shadow: Mitigating Meltdown on Windows
On January 3rd, 2018, Microsoft released an advisory and security updates that relate to a new class of discovered hardware vulnerabilities, termed speculative execution side channels, that affect the design methodology and implementation decisions behind many modern microprocessors. This post...
Speculative Execution Bounty Launch
Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat...
Mitigating speculative execution side channel hardware vulnerabilities
On January 3rd, 2018, Microsoft released an advisory and security updates related to a newly discovered class of hardware vulnerabilities involving speculative execution side channels known as Spectre and Meltdown that affect AMD, ARM, and Intel CPUs to varying degrees. If you haven’t had a chanc...
Mitigating speculative execution side channel hardware vulnerabilities
On January 3rd, 2018, Microsoft released an advisory and security updates related to a newly discovered class of hardware vulnerabilities involving speculative execution side channels known as Spectre and Meltdown that affect AMD, ARM, and Intel CPUs to varying degrees. If you haven’t had a chanc...
Speculative Execution Bounty Launch
Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat...
Speculative Execution Bounty Launch
Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat...
March 2018 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...
March 2018 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...
2018 年 3 月のセキュリティ更新プログラム (月例)
2018 年 3 月 14 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
March 2018 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...
Petya や WannaCrypt などのラピッド サイバー攻撃を緩和する方法
本記事は、Microsoft Secure ブログ “How to mitigate rapid cyberattacks such as Petya and WannaCrypt” 2018 年 2 月 21 日 米国時...
ラピッド サイバー攻撃の一種、Petya の概要
本記事は、Microsoft Secure ブログ “Overview of Petya, a rapid cyberattack” 2018 年 2 月 5 日 米...
セキュリティ更新プログラムの情報を API で取得する方法を紹介するビデオを YouTube で公開しています
セキュリティ更新プログラムの情報は「セキュリティ更新プログラム ガイド」ダッシュボードから入手できるこ...
Inside the MSRC– The Monthly Security Update Releases
For the second in this series of blog entries we want to look into which vulnerability reports make it into the monthly release cadence. It may help to start with some history. In September 2003 we made a change from a release anytime approach to a mostly predictable, monthly release cadence...
Inside the MSRC– The Monthly Security Update Releases
For the second in this series of blog entries we want to look into which vulnerability reports make it into the monthly release cadence. It may help to start with some history. In September 2003 we made a change from a release anytime approach to a mostly predictable, monthly release cadence...