Microsoft Security Response Center Blog Alerts

Subscribe to Microsoft Security Response Center Blog Alerts hírcsatorna Microsoft Security Response Center Blog Alerts
Frissítve: 2 óra 1 perc
2020. január 9.

Announcing the Microsoft Identity Research Project Grant

We are excited to announce the Microsoft Identity Research Project Grant a new opportunity in partnership with the security community to help protect Microsoft customers. This project grant awards up to $75,000 USD for approved research proposals that improve the security of the Microsoft Identity solutions in new ways for both Consumers (Microsoft Account) and Enterprise (Azure Active Directory).

The post Announcing the Microsoft Identity Research Project Grant appeared first on Microsoft Security Response Center.

2019. december 10.

December 2019 security updates are available

We have released the December security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of …

December 2019 security updates are available Read More »

2019. november 21.

Customer Guidance for the Dopplepaymer Ransomware

Microsoft has been investigating recent attacks by malicious actors using the Dopplepaymer ransomware. There is misleading information circulating about Microsoft Teams, along with references to RDP (BlueKeep), as ways in which this malware spreads. Our security research teams have investigated and found no evidence to support these claims. In our investigations we found that the …

Customer Guidance for the Dopplepaymer Ransomware Read More »

The post Customer Guidance for the Dopplepaymer Ransomware appeared first on Microsoft Security Response Center.

2019. november 13.

BlueHat Seattle videos are online!

Were you unable to attend BlueHat Seattle, or wanted to see a session again? We have good news. If you have been waiting for the videos from BlueHat Seattle last month, the wait is over. All videos which the presenter authorized to be recorded are now online and available to anyone. We are also happy …

BlueHat Seattle videos are online! Read More »

The post BlueHat Seattle videos are online! appeared first on Microsoft Security Response Center.

2019. november 12.

November 2019 security updates are available!

We have released the November security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of …

November 2019 security updates are available! Read More »

The post November 2019 security updates are available! appeared first on Microsoft Security Response Center.

2019. november 7.

Using Rust in Windows

This Saturday 9th of November, there will be a keynote from Microsoft engineers Ryan Levick and Sebastian Fernandez at RustFest Barcelona. They will be talking about why Microsoft is exploring Rust adoption, some of the challenges we’ve faced in this process, and the future of Rust adoption in Microsoft. If you want to talk with …

Using Rust in Windows Read More »

The post Using Rust in Windows appeared first on Microsoft Security Response Center.

2019. november 6.

Vulnerability hunting with Semmle QL: DOM XSS

In two previous blog posts ( part 1 and part 2), we talked about using Semmle QL in C and C++ codebases to find vulnerabilities such as integer overflow, path traversal, and those leading to memory corruption. In this post, we will explore applying Semmle QL to web security by hunting for one of­­­ the …

Vulnerability hunting with Semmle QL: DOM XSS Read More »

The post Vulnerability hunting with Semmle QL: DOM XSS appeared first on Microsoft Security Response Center.

2019. október 25.

Time for day 2 of briefings at BlueHat Seattle!

We hope you enjoyed the first day of our BlueHat briefings and the Bytes of BlueHat reception in our glamping tent (complete with toasted marshmallows). Yesterday, we learned a lot about how XboxOne hardware security has advanced the state of hardware security elsewhere, we heard some surprising correlations between vuln severity, age, and time to …

Time for day 2 of briefings at BlueHat Seattle! Read More »

The post Time for day 2 of briefings at BlueHat Seattle! appeared first on Microsoft Security Response Center.

2019. október 24.

Welcome to the second stage of BlueHat!

We’ve finished two incredible days of security trainings at the Living Computer Museum in Seattle. Now it’s time for the second part of BlueHat: the briefings at ShowBox SoDo. We’ve got a big day planned, so head on down. Please join us for breakfast (we have doughnuts! and bacon! and cereal!) when the doors open …

Welcome to the second stage of BlueHat! Read More »

The post Welcome to the second stage of BlueHat! appeared first on Microsoft Security Response Center.

2019. október 23.

Microsoft Identity Bounty Improvements

Sharing the latest updates to the Microsoft Identity Bounty Program

The post Microsoft Identity Bounty Improvements appeared first on Microsoft Security Response Center.

2019. október 18.

Introducing the ElectionGuard Bounty program

Announcing the new ElectionGuard Bounty program

The post Introducing the ElectionGuard Bounty program appeared first on Microsoft Security Response Center.

2019. október 17.

Announcing the Security Researcher Quarterly Leaderboard

Right before Black Hat USA 2019, we announced our new researcher recognition program, and at Black Hat we announced the top researchers from the previous twelve months. Since it’s easier to track your progress with regular updates than with just an annual report, we are excited to announce the MSRC Q3 2019 Security Researcher Leaderboard, …

Announcing the Security Researcher Quarterly Leaderboard Read More »

The post Announcing the Security Researcher Quarterly Leaderboard appeared first on Microsoft Security Response Center.

2019. október 16.

An intern’s experience with Rust

Over the course of my internship at the Microsoft Security Response Center (MSRC), I worked on the safe systems programming languages (SSPL) team to promote safer languages for systems programming where runtime overhead is important, as outlined in this blog. My job was to port a security critical network processing agent into Rust to eliminate …

An intern’s experience with Rust Read More »

The post An intern’s experience with Rust appeared first on Microsoft Security Response Center.

2019. október 8.

Designing a COM library for Rust

I interned with Microsoft as a Software Engineering Intern in the MSRC UK team in Cheltenham this past summer. I worked in the Safe Systems Programming Language (SSPL) group, which explores safe programming languages as a proactive measure against memory-safety related vulnerabilities. This blog post describes the project that I have been working on under …

Designing a COM library for Rust Read More »

The post Designing a COM library for Rust appeared first on Microsoft Security Response Center.

2019. október 8.

October 2019 security updates are available!

We have released the October security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of …

October 2019 security updates are available! Read More »

The post October 2019 security updates are available! appeared first on Microsoft Security Response Center.

2019. október 3.

[AD管理者向け] 2020 年 LDAP 署名と LDAP チャネルバインディングが有効化。確認を!

マイクロソフトでは、2020 年初頭に、Active Directory ドメイン環境内の LDAP 通信の安全性を向上するために、LDAP 署名、およびLDAP チャネルバインディング (LDAPS 利用時)を既定で有効化します。

The post [AD管理者向け] 2020 年 LDAP 署名と LDAP チャネルバインディングが有効化。確認を! appeared first on Microsoft Security Response Center.