Extending Microsoft Edge Bounty Program

Over the past 10 months, we’ve paid out more than $200,000 USD in bounties to researchers reporting vulnerabilities through the Microsoft Edge Bounty Program. Partnering with the research community has helped improve Microsoft Edge security, and to continue this collaboration, today were extendin...

Extending Microsoft Edge Bounty Program

Over the past 10 months, we’ve paid out more than $200,000 USD in bounties to researchers reporting vulnerabilities through the Microsoft Edge Bounty Program. Partnering with the research community has helped improve Microsoft Edge security, and to continue this collaboration, today we're extendi...

ランサムウェア WannaCrypt 攻撃に関するお客様ガイダンス

概要 概要 2017 年 5 月 12 日 米国時間 より、マイクロソフトは、イギリスを始めとする複数の国の医療機関やその...

Customer Guidance for WannaCrypt attacks

Microsoft solution available to protect additional products Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painfu...

Customer Guidance for WannaCrypt attacks

Microsoft solution available to protect additional products Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painfu...

Encapsulated PostScript (EPS) の脆弱性を利用した攻撃に対処するために団結する

本記事は、MSRC Team のブログ “Coming together to address Encapsulated PostScript EPS attacks” 2017 年 5 月 9 日 米国時間公開 を翻...

Coming together to address Encapsulated PostScript (EPS) attacks

Today’s security updates include three updates that exemplify how the security ecosystem can come together to help protect consumers and enterprises. We would like to thank FireEye and ESET for working with us. Customers that have the latest security updates installed are protected against the...

2017 年 5 月のセキュリティ更新プログラム (月例)

2017 年 5 月 10 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

Coming together to address Encapsulated PostScript (EPS) attacks

Today’s security updates include three updates that exemplify how the security ecosystem can come together to help protect consumers and enterprises. We would like to thank FireEye and ESET for working with us. Customers that have the latest security updates installed are protected against the...

May 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

May 2017 security update release

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...

セキュリティ更新プログラム ガイドに関するフィードバックをお待ちしています

本記事は、 MSRC Team のブログ “ Taking your feedback on the Security Update Guide” 2017 年 4 月 21 日 米国時間公開 を翻訳したものです。 2016 年...

Taking your feedback on the Security Update Guide

The Security Update Guide has been in public preview since November 2016. This month marked our first release when security update information was published entirely in the new format. Over the last few months, customers and partners have provided a lot of feedback on the direction and...

Taking your feedback on the Security Update Guide

The Security Update Guide has been in public preview since November 2016. This month marked our first release when security update information was published entirely in the new format. Over the last few months, customers and partners have provided a lot of feedback on the direction and...

Bountycraft at Nullcon 2017

Security is a critical component of our products at Microsoft. A strong emphasis on security is a persistent factor throughout our entire development process. Microsoft is committed to designing and developing secure software. Testing is performed both internally and by working closely with the...

Bountycraft at Nullcon 2017

Security is a critical component of our products at Microsoft. A strong emphasis on security is a persistent factor throughout our entire development process. Microsoft is committed to designing and developing secure software. Testing is performed both internally and by working closely with the...

Protecting customers and evaluating risk

Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers. Understandingly, customers have expressed concerns around the risk this disclosure potentially creates. Our engineers have investigated the disclosed exploits, and most of the exploits are already...

Protecting customers and evaluating risk

Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers. Understandingly, customers have expressed concerns around the risk this disclosure potentially creates. Our engineers have investigated the disclosed exploits, and most of the exploits are already...

セキュリティ更新プログラム ガイド (Security Update Guide) を使ってみよう

※ 2020 年 11 月に、セキュリティ更新プログラム ガイドがリニューアルしています。新しいセキュリティ更新プログ...

2017 年 4 月のセキュリティ更新プログラム (月例)

2017 年 4 月 12 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...

April 2017 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...

April 2017 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team...

Windows Defender ATP でクロスプロセス インジェクションを発見する

本記事は、Microsoft Malware Protection Center のブログ “Uncovering cross-process injection with Windows Defender ATP” 2017 年 3 月 8 日 米国時...

Advanced Threat Analytics プレイブックを使って攻撃をシミュレーションし検出する方法

本記事は、Microsoft Advanced Threat Analytics Team のブログ “How to simulate and detect attacks with the Advanced Threat Analytics Playbook” 2017 年 2 月 23...

マイクロソフト報奨金プログラムの拡張 – Windows 用の Office Insider ビルドに関する報奨金プログラム

本記事は、Microsoft Security Response Center のブログ “Announcing the new Bug Bounty Program for Office Insider Builds on Windows”...

Microsoft BlueHat v17 Dates Announced - Update 4/3/2017

Update - The Call For Papers CFP for BlueHat v17 will be held from 6/1/2017 - 8/18/2017. We will be setting up a submissions portal for web based submissions of papers. The portal will be live on 6/1/2017. Please do not send submissions to [email protected]. Microsoft is pleased to announce...

Microsoft BlueHat v17 Dates Announced - Update 4/3/2017

Update - The Call For Papers CFP for BlueHat v17 will be held from 6/1/2017 - 8/18/2017. We will be setting up a submissions portal for web based submissions of papers. The portal will be live on 6/1/2017. Please do not send submissions to [email protected]. Microsoft is pleased to announce...

Announcing the new Bug Bounty Program for Office Insider Builds on Windows

We’ve engineered Office to be secure by design and continually invest in enhancing its security capabilities. In the spirit of maintaining a high security bar in Office, we’re launching the Bug Bounty Program for Office Insider Builds on Windows. The Office Bug Bounty Program complements our...

Announcing the new Bug Bounty Program for Office Insider Builds on Windows

We’ve engineered Office to be secure by design and continually invest in enhancing its security capabilities. In the spirit of maintaining a high security bar in Office, we’re launching the Bug Bounty Program for Office Insider Builds on Windows. The Office Bug Bounty Program complements our...

March 2017 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Security bulletins were also...

March 2017 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Security bulletins were also...

2017 年 3 月のセキュリティ情報 (月例) - MS17-006 ～ MS17-023

2017 年 3 月 15 日 日本時間、マイクロソフトは計 18 件 緊急 9 件、重要 9 件 の新規セキュリティ情報を公開し...

Office 365 のセキュリティ研究者の皆さまへ: 2017 年 3 月 ～ 5 月は報奨金が 2 倍になります

本記事は、Microsoft Security Response Center のブログ “Office 365 security researchers: Double your bounties March-May 2017” 2017 年 3 月 1 日 米国時間...

Office 365 security researchers: Double your bounties March-May 2017

Microsoft strives to protect our customers and we’re constantly improving our security posture to meet their needs. We realize the desire of researchers and customers to security test our services to ensure they can trust us and our solutions. We also believe that if a researcher informs us of a...

Office 365 security researchers: Double your bounties March-May 2017

Microsoft strives to protect our customers and we’re constantly improving our security posture to meet their needs. We realize the desire of researchers and customers to security test our services to ensure they can trust us and our solutions. We also believe that if a researcher informs us of a...

SHA-1 Collisions Research

Today, a group of eight researchers from across the security industry released a research report on SHA-1 that demonstrates for the first time, a “hash collision” for the full SHA-1 hash algorithm called “SHAttered”. This is a significant step toward understanding this type of security issue, a...

SHA-1 Collisions Research

Today, a group of eight researchers from across the security industry released a research report on SHA-1 that demonstrates for the first time, a “hash collision” for the full SHA-1 hash algorithm called “SHAttered”. This is a significant step toward understanding this type of security issue, a...

Adobe Flash Player の脆弱性を修正するセキュリティ更新プログラムを定例外で公開

本日、セキュリティ情報 MS17-005「Adobe Flash Player のセキュリティ更新プログラム」を公開しました。...

Adobe Flash Player security vulnerability release

Today, we released an Adobe Flash Player security update to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about these updates can be found on the Security Update Guide. MSRC team...

Adobe Flash Player security vulnerability release

Today, we released an Adobe Flash Player security update to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about these updates can be found on the Security Update Guide. MSRC team...

February 2017 security update release

UPDATE: 2/15/17: We will deliver updates as part of the planned March Update Tuesday, March 14, 2017. Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some custome...

February 2017 security update release

UPDATE: 2/15/17: We will deliver updates as part of the planned March Update Tuesday, March 14, 2017. Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some custome...

2017 年 2 月のセキュリティ更新プログラム リリース

本記事は、MSRC のブログ “February 2017 security update release” 2017 年 2 月 14 日 米国時間公開 を翻訳し...

シンプル化された Windows 7 および Windows 8.1 のサービス モデル: 最新の改善点について

本記事は、Windows for IT Pros のブログ "Simplified servicing for Windows 7 and Windows 8.1: the latest improvements" 2017 年 1 月 13 日 米国時間公開 を翻訳したもの...

EMET 5.52 update is now available

EMET 5.52 is the latest version of the Enhanced Mitigation Experience Toolkit EMET and is now available for download. EMET 5.52 is a minor update from EMET 5.51 to address the following: An issue with the EAF mitigation that causes some applications to hang on Windows 7 SP1. A fix to the MSI...

EMET 5.52 update is now available

EMET 5.52 is the latest version of the Enhanced Mitigation Experience Toolkit EMET and is now available for download. EMET 5.52 is a minor update from EMET 5.51 to address the following: An issue with the EAF mitigation that causes some applications to hang on Windows 7 SP1. A fix to the MSI...

January 2017 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security...

January 2017 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security...

2017 年 1 月のセキュリティ情報 (月例) - MS17-001 ～ MS17-004

2017 年 1 月 11 日 日本時間、マイクロソフトは計 4 件 緊急 1 件、重要 3 件 の新規セキュリティ情報を公開し...

December 2016 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security...