Lucene search
+L

1371 matches found

MSRC
MSRC
added 2022/08/10 7:0 a.m.13 views

セキュリティ更新プログラム ガイドの通知システム : 今すぐプロファイルを作成しましょう

本ブログは、Security Update Guide Notification System News: Create your profile now の抄訳版です。最新の情報は原文を参照してください。 セキ...

1.1AI score
Exploits0
MSRC
MSRC
added 2022/08/10 7:0 a.m.14 views

Microsoft Office、2022年8月からシンボルを公開

本ブログは、Microsoft Office to publish symbols starting August 2022 の抄訳版です。最新の情報は原文を参照してください。 Microsoft Office が...

1.7AI score
Exploits0
MSRC
MSRC
added 2022/08/09 5:20 p.m.20 views

Security Update Guide Notification System News: Create your profile now

Sharing information through the Security Update Guide SUG is an important part of our ongoing effort to help customers manage security risks and keep systems protected. In January 2022 we introduced Phase One of a new way for customers to receive email notifications about new Microsoft product...

1.1AI score
Exploits0
MSRC
MSRC
added 2022/08/09 7:0 a.m.11 views

Security Update Guide Notification System News: Create your profile now

Sharing information through the Security Update Guide SUG is an important part of our ongoing effort to help customers manage security risks and keep systems protected. In January 2022 we introduced Phase One of a new way for customers to receive email notifications about new Microsoft product...

0.9AI score
Exploits0
MSRC
MSRC
added 2022/08/09 7:0 a.m.10 views

2022 年 8 月のセキュリティ更新プログラム (月例)

2022 年 8 月 9 日(米国時間)、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ...

0.3AI score
Exploits0
MSRC
MSRC
added 2022/08/09 7:0 a.m.9 views

Security Update Guide Notification System News: Create your profile now

Sharing information through the Security Update Guide SUG is an important part of our ongoing effort to help customers manage security risks and keep systems protected. In January 2022 we introduced Phase One of a new way for customers to receive email notifications about new Microsoft product...

6.7AI score
Exploits0
MSRC
MSRC
added 2022/08/08 5:30 p.m.22 views

Congratulations to the MSRC 2022 Most Valuable Researchers!

The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s top 100 Most...

0.9AI score
Exploits0
MSRC
MSRC
added 2022/08/08 9:30 a.m.16 views

Microsoft Office to publish symbols starting August 2022

We are excited to announce that Microsoft Office will begin publishing Office symbols for Windows via the Microsoft Public Symbol Server on August 9th 2022. The publication of Office symbols is a part of our continuing investment to improve security and performance for customers and partners. Key...

3.1AI score
Exploits0
MSRC
MSRC
added 2022/08/08 7:0 a.m.17 views

Congratulations to the MSRC 2022 Most Valuable Researchers!

The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s top 100 Most...

7AI score
Exploits0
MSRC
MSRC
added 2022/08/08 7:0 a.m.12 views

Microsoft Office to publish symbols starting August 2022

We are excited to announce that Microsoft Office will begin publishing Office symbols for Windows via the Microsoft Public Symbol Server on August 9th 2022. The publication of Office symbols is a part of our continuing investment to improve security and performance for customers and partners. Key...

3.2AI score
Exploits0
MSRC
MSRC
added 2022/08/08 7:0 a.m.10 views

Microsoft Office to publish symbols starting August 2022

We are excited to announce that Microsoft Office will begin publishing Office symbols for Windows via the Microsoft Public Symbol Server on August 9th 2022. The publication of Office symbols is a part of our continuing investment to improve security and performance for customers and partners. Key...

7.3AI score
Exploits0
MSRC
MSRC
added 2022/08/08 7:0 a.m.16 views

Congratulations to the MSRC 2022 Most Valuable Researchers!

The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s top 100 Most...

0.8AI score
Exploits0
MSRC
MSRC
added 2022/07/28 5:0 p.m.19 views

Anatomy of a Cloud-Service Security Update

Our security teams around the world focus on identifying and mitigating security issues as soon as possible while minimizing customer disruption. One of the challenges of a traditional security update is ensuring customers apply the protections promptly. We recently discussed the work that goes...

1.2AI score
Exploits0
MSRC
MSRC
added 2022/07/28 7:0 a.m.18 views

Anatomy of a Cloud-Service Security Update

Our security teams around the world focus on identifying and mitigating security issues as soon as possible while minimizing customer disruption. One of the challenges of a traditional security update is ensuring customers apply the protections promptly. We recently discussed the work that goes...

1.7AI score
Exploits0
MSRC
MSRC
added 2022/07/28 7:0 a.m.6 views

Anatomy of a Cloud-Service Security Update

Our security teams around the world focus on identifying and mitigating security issues as soon as possible while minimizing customer disruption. One of the challenges of a traditional security update is ensuring customers apply the protections promptly. We recently discussed the work that goes...

7.1AI score
Exploits0
MSRC
MSRC
added 2022/07/28 7:0 a.m.17 views

クラウドサービスにおけるセキュリティ更新のアナトミー

本ブログは、Anatomy of a Cloud-Service Security Update の抄訳版です。最新の情報は原文を参照してください。 世界中のマイク...

1.3AI score
Exploits0
MSRC
MSRC
added 2022/07/19 4:15 p.m.25 views

Congratulations to the Top MSRC 2022 Q2 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2022 Q2 Security Researcher Leaderboard are: Yuki Chen...

1.2AI score
Exploits0
MSRC
MSRC
added 2022/07/19 7:0 a.m.6 views

Congratulations to the Top MSRC 2022 Q2 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2022 Q2 Security Researcher Leaderboard are: Yuki Chen...

6.8AI score
Exploits0
MSRC
MSRC
added 2022/07/19 7:0 a.m.13 views

Azure Storage SDK でのクライアントサイド暗号化におけるパディング オラクル の脆弱性を軽減

本ブログは、Mitigation for Azure Storage SDK Client-Side Encryption Padding Oracle Vulnerability の抄訳版です。最新の情報は原文を参照してください。...

1.5AI score
Exploits0
MSRC
MSRC
added 2022/07/19 7:0 a.m.11 views

Congratulations to the Top MSRC 2022 Q2 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2022 Q2 Security Researcher Leaderboard are: Yuki Chen...

1.4AI score
Exploits0
MSRC
MSRC
added 2022/07/18 1:40 p.m.44 views

Mitigation for Azure Storage SDK Client-Side Encryption Padding Oracle Vulnerability

Summary: Google informed Microsoft under Coordinated Vulnerability Disclosure CVD of a padding oracle vulnerability that may affect customers using Azure Storage SDK for Python, .NET, Java client-side encryption CVE-2022-30187. To mitigate this vulnerability, we released a new General Availabilit...

1.9CVSS2.6AI score0.00521EPSS
Exploits0
MSRC
MSRC
added 2022/07/18 7:0 a.m.31 views

Mitigation for Azure Storage SDK Client-Side Encryption Padding Oracle Vulnerability

Summary Google informed Microsoft under Coordinated Vulnerability Disclosure CVD of a padding oracle vulnerability that may affect customers using Azure Storage SDK for Python, .NET, Java client-side encryption CVE-2022-30187. To mitigate this vulnerability, we released a new General Availability...

4.7CVSS5.1AI score0.00521EPSS
Exploits0
MSRC
MSRC
added 2022/07/18 7:0 a.m.42 views

Mitigation for Azure Storage SDK Client-Side Encryption Padding Oracle Vulnerability

Summary Summary Google informed Microsoft under Coordinated Vulnerability Disclosure CVD of a padding oracle vulnerability that may affect customers using Azure Storage SDK for Python, .NET, Java client-side encryption CVE-2022-30187. To mitigate this vulnerability, we released a new General...

1.9CVSS2.7AI score0.00521EPSS
Exploits0
MSRC
MSRC
added 2022/07/13 2:35 p.m.16 views

All Hands-on Deck: A Whole-of-Society Approach for Cybersecurity

The morning of June 9th, I was driving over the Golden Gate Bridge into San Francisco with my family. While crossing the bridge my children shared some facts about this modern engineering marvel. Each day, approx. 100,000 vehicles travel over the bridge deck, which weighs a staggering 150,000 ton...

1.8AI score
Exploits0
MSRC
MSRC
added 2022/07/13 7:0 a.m.13 views

All Hands-on Deck: A Whole-of-Society Approach for Cybersecurity

The morning of June 9th, I was driving over the Golden Gate Bridge into San Francisco with my family. While crossing the bridge my children shared some facts about this modern engineering marvel. Each day, approx. 100,000 vehicles travel over the bridge deck, which weighs a staggering 150,000 ton...

2AI score
Exploits0
MSRC
MSRC
added 2022/07/13 7:0 a.m.10 views

All Hands-on Deck: A Whole-of-Society Approach for Cybersecurity

The morning of June 9th, I was driving over the Golden Gate Bridge into San Francisco with my family. While crossing the bridge my children shared some facts about this modern engineering marvel. Each day, approx. 100,000 vehicles travel over the bridge deck, which weighs a staggering 150,000 ton...

7AI score
Exploits0
MSRC
MSRC
added 2022/07/12 5:49 p.m.19 views

Microsoft Mitigates Azure Site Recovery Vulnerabilities

Summary: Microsoft recently mitigated a set of vulnerabilities in Azure Site Recovery ASR and released fixes today, July 12, as part of our regular Update Tuesday cycle. These vulnerabilities affect all ASR on-premises customers using a VMware/Physical to Azure scenario and are fixed in the lates...

3.7AI score
Exploits0
MSRC
MSRC
added 2022/07/12 7:0 a.m.14 views

Microsoft Mitigates Azure Site Recovery Vulnerabilities

Summary Summary Microsoft recently mitigated a set of vulnerabilities in Azure Site Recovery ASR and released fixes today, July 12, as part of our regular Update Tuesday cycle. These vulnerabilities affect all ASR on-premises customers using a VMware/Physical to Azure scenario and are fixed in th...

3.3AI score
Exploits0
MSRC
MSRC
added 2022/07/12 7:0 a.m.10 views

2022 年 7 月のセキュリティ更新プログラム (月例)

2022 年 7 月 12 日(米国時間)、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ...

0.3AI score
Exploits0
MSRC
MSRC
added 2022/07/12 7:0 a.m.11 views

Azure Site Recovery の脆弱性を軽減

本ブログは、Microsoft Mitigates Azure Site Recovery Vulnerabilities の抄訳版です。最新の情報は原文を参照してください。 概要 概要 マ...

2.1AI score
Exploits0
MSRC
MSRC
added 2022/07/12 7:0 a.m.10 views

Microsoft Mitigates Azure Site Recovery Vulnerabilities

Summary Microsoft recently mitigated a set of vulnerabilities in Azure Site Recovery ASR and released fixes today, July 12, as part of our regular Update Tuesday cycle. These vulnerabilities affect all ASR on-premises customers using a VMware/Physical to Azure scenario and are fixed in the latest...

7.4AI score
Exploits0
MSRC
MSRC
added 2022/06/30 7:0 a.m.13 views

Service Fabric におけるLinux 上のコンテナ化されたワークロードからの特権昇格について

本ブログは、 Service Fabric Privilege Escalation from Containerized Workloads on Linux の抄訳版です。最新の情報は原文を参照してください。 協調的な脆弱性の公開...

2.9AI score
Exploits0
MSRC
MSRC
added 2022/06/28 11:35 p.m.32 views

Service Fabric Privilege Escalation from Containerized Workloads on Linux

Under Coordinated Vulnerability Disclosure CVD, cloud-security vendor Palo Alto Networks informed Microsoft of an issue affecting Service Fabric SF Linux clusters CVE-2022-30137. The vulnerability enables a bad actor, with access to a compromised container, to escalate privileges and gain control...

4.6CVSS1.7AI score0.01164EPSS
Exploits0
MSRC
MSRC
added 2022/06/28 7:0 a.m.35 views

Service Fabric Privilege Escalation from Containerized Workloads on Linux

Under Coordinated Vulnerability Disclosure CVD, cloud-security vendor Palo Alto Networks informed Microsoft of an issue affecting Service Fabric SF Linux clusters CVE-2022-30137. The vulnerability enables a bad actor, with access to a compromised container, to escalate privileges and gain control...

6.7CVSS7.1AI score0.01164EPSS
Exploits0
MSRC
MSRC
added 2022/06/28 7:0 a.m.41 views

Service Fabric Privilege Escalation from Containerized Workloads on Linux

Under Coordinated Vulnerability Disclosure CVD, cloud-security vendor Palo Alto Networks informed Microsoft of an issue affecting Service Fabric SF Linux clusters CVE-2022-30137. The vulnerability enables a bad actor, with access to a compromised container, to escalate privileges and gain control...

4.6CVSS2.2AI score0.01164EPSS
Exploits0
MSRC
MSRC
added 2022/06/25 1:20 a.m.28 views

A Man of Action: Meet Callum Carney

Hidden Talents: He was a competitive swimmer for many years. Instrument of Choice: His fingers were made for the keyboard, but he used to play the trumpet. 5 pieces of entertainment for the rest of his life: The Office, World War Z, The Matrix, Breaking Bad, The Thick of It. Favorite non-profit:...

2AI score
Exploits0
MSRC
MSRC
added 2022/06/24 7:0 a.m.12 views

A Man of Action: Meet Callum Carney

Hidden Talents : He was a competitive swimmer for many years. Instrument of Choice : His fingers were made for the keyboard, but he used to play the trumpet. 5 pieces of entertainment for the rest of his life : The Office, World War Z, The Matrix, Breaking Bad, The Thick of It...

1.8AI score
Exploits0
MSRC
MSRC
added 2022/06/24 7:0 a.m.11 views

A Man of Action: Meet Callum Carney

Hidden Talents : He was a competitive swimmer for many years. Instrument of Choice : His fingers were made for the keyboard, but he used to play the trumpet. 5 pieces of entertainment for the rest of his life : The Office, World War Z, The Matrix, Breaking Bad, The Thick of It...

7AI score
Exploits0
MSRC
MSRC
added 2022/06/14 7:0 a.m.12 views

2022 年 6 月のセキュリティ更新プログラム (月例)

2022 年 6 月 14 日(米国時間)、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ...

0.3AI score
Exploits0
MSRC
MSRC
added 2022/05/30 11:25 p.m.182 views

Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

UPDATE July 12, 2022: As part of the response by Microsoft, a defense in depth variant has been found and fixed in the Windows July cumulative updates. Microsoft recommends installing the July updates as soon as possible. Windows Version Link to KB article LInk to Catalog Windows 8.1, Windows...

9.3CVSS2.2AI score0.99374EPSS
Exploits62
MSRC
MSRC
added 2022/05/30 7:0 a.m.75 views

Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

UPDATE July 12, 2022: As part of the response by Microsoft, a defense in depth variant has been found and fixed in the Windows July cumulative updates. Microsoft recommends installing the July updates as soon as possible. Windows Version Link to KB article LInk to Catalog Windows 8.1, Windows...

9.3CVSS7.6AI score0.99374EPSS
Exploits62
MSRC
MSRC
added 2022/05/30 7:0 a.m.87 views

Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

UPDATE July 12, 2022: As part of the response by Microsoft, a defense in depth variant has been found and fixed in the Windows July cumulative updates. Microsoft recommends installing the July updates as soon as possible. Windows Version Link to KB article LInk to Catalog Windows 8.1, Windows...

9.3CVSS6.8AI score0.99374EPSS
Exploits62
MSRC
MSRC
added 2022/05/30 7:0 a.m.86 views

CVE-2022-30190 マイクロソフト サポート診断ツールの脆弱性に関するガイダンス

本ブログは Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability の抄訳版です。最新の情報は原文を参照してください。 2022 年 7 月 12 日更新 : マイク...

9.3CVSS7.8AI score0.99374EPSS
Exploits62
MSRC
MSRC
added 2022/05/23 10:45 p.m.31 views

New Research Paper: Pre-hijacking Attacks on Web User Accounts

In 2020, MSRC awarded two Identity Project Research Grants to support external researchers working to further strengthen the security of identity protocols and systems. Today we are pleased to release the results of the first of these projects. This research, led by independent security researche...

2.3AI score
Exploits0
MSRC
MSRC
added 2022/05/23 7:0 a.m.11 views

New Research Paper: Pre-hijacking Attacks on Web User Accounts

In 2020, MSRC awarded two Identity Project Research Grants to support external researchers working to further strengthen the security of identity protocols and systems. Today we are pleased to release the results of the first of these projects. This research, led by independent security researche...

2.5AI score
Exploits0
MSRC
MSRC
added 2022/05/23 7:0 a.m.11 views

New Research Paper: Pre-hijacking Attacks on Web User Accounts

In 2020, MSRC awarded two Identity Project Research Grants to support external researchers working to further strengthen the security of identity protocols and systems. Today we are pleased to release the results of the first of these projects. This research, led by independent security researche...

7AI score
Exploits0
MSRC
MSRC
added 2022/05/19 2:32 p.m.28 views

Researcher Spotlight: Hector Peralta’s Evolution from Popcorn Server to the MSRC Leaderboards

“The bug bounty literally changed my life. Before this, I had nothing.” Coolest thing he purchased: His first vehicle! Best gift to give: Buying his nephew gaming accessories. Favorite Hacking Companion: His two cats. They’re always by his side when he is working late. Origin of his Hacker name:...

0.3AI score
Exploits0
MSRC
MSRC
added 2022/05/19 7:0 a.m.14 views

Researcher Spotlight: Hector Peralta’s Evolution from Popcorn Server to the MSRC Leaderboards

“The bug bounty literally changed my life. Before this, I had nothing.” Coolest thing he purchased : His first vehicle! Best gift to give: Buying his nephew gaming accessories. Favorite Hacking Companion : His two cats. They’re always by his side when he is working late. Origin of his Hacker name...

0.6AI score
Exploits0
MSRC
MSRC
added 2022/05/19 7:0 a.m.12 views

Researcher Spotlight: Hector Peralta’s Evolution from Popcorn Server to the MSRC Leaderboards

“The bug bounty literally changed my life. Before this, I had nothing.” Coolest thing he purchased : His first vehicle! Best gift to give: Buying his nephew gaming accessories. Favorite Hacking Companion : His two cats. They’re always by his side when he is working late. Origin of his Hacker name...

7AI score
Exploits0
MSRC
MSRC
added 2022/05/16 7:0 a.m.9 views

セキュリティ更新プログラムのアナトミー

本ブログは、Anatomy of a Security Update の抄訳版です。最新の情報は原文を参照してください。 マイクロソフト セ...

1.1AI score
Exploits0
Total number of security vulnerabilities1371