Microsoft

Source: https://msrc-blog.microsoft.com/blog/2020/12/20201203_sugv2_howto/ 新しいバージョンのセキュリティ更新プログラムについては下記の関連ブログもご覧ください。 「新しいセキュ

Source: https://msrc-blog.microsoft.com/blog/2020/11/20201120_cve-2020-17049/ マイクロソフトは、2020 年 11 月 10 日 (米国時間) に、Kerberos KDC (Key Distribution Center) に対する脆弱性情報 CVE-2020-17049 を公

Source: https://msrc-blog.microsoft.com/blog/2020/11/vulnerability-descriptions-in-the-new-version-of-the-security-update-guide/ With the launch of the new version of the Security Update Guide, Microsoft is demonstrating its commitment to industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System … Read more

Source: https://msrc-blog.microsoft.com/blog/2020/10/attacks-exploiting-netlogon-vulnerability-cve-2020-1472/ Microsoft has received a small number of reports from customers and others about continued activity exploiting a vulnerability affecting the Netlogon protocol (CVE-2020-1472) which was previously addressed in security updates … Read more

Source: https://msrc-blog.microsoft.com/blog/2020/10/announcing-the-top-msrc-2020-q3-security-researchers/ Following the MSRC’s 2020 Most Valuable Security Researchers announced during this year’s Black Hat, we’re excited to announce the top contributing researchers for the 2020 Third Quarter (Q3)! The top … Read more

Source: https://msrc-blog.microsoft.com/blog/2020/10/security-analysis-of-cheri-isa/ Is it possible to get to a state where memory safety issues would be deterministically mitigated? Our quest to mitigate memory corruption vulnerabilities led us to examine CHERI (Capability Hardware … Read more

Source: https://msrc-blog.microsoft.com/blog/2020/10/azure-sphere-security-research-challenge-concluded/ The Azure Sphere Security Research Challenge brought together 70 researchers from 21 countries to help secure Azure Sphere customers and expand Microsoft’s partnerships with the global IoT security research community. … Read more

Source: https://msrc-blog.microsoft.com/blog/2020/09/what-to-expect-when-reporting-vulnerabilities-to-microsoft/ At the Microsoft Security Response Center’s (MSRC), our primary mission is to help protect our customers. One of the ways we do this is by working with security researchers to … Read more

Source: https://msrc-blog.microsoft.com/blog/2020/09/new-and-improved-security-update-guide/ We’re excited to announce a significant update to the Security Update Guide, our one-stop site for information about all security updates provided by Microsoft. This new version will provide a … Read more

Source: https://msrc.microsoft.com/blog/2020/08/control-flow-guard-for-clang-llvm-and-rust/ As part of our ongoing efforts towards safer systems programming, we’re pleased to announce that Windows Control Flow Guard (CFG) support is now available in the Clang C/C++ compiler and … Read more

Source: https://msrc.microsoft.com/blog/2020/08/announcing-2020-msrc-most-valuable-security-researchers/ Today we announce our Most Valuable Security Researchers for 2020! The MSRC Researcher Recognition program is an integral aspect of recognizing the ongoing partnerships with our community of talented security … Read more

Source: https://msrc.microsoft.com/blog/2020/08/microsoft-joins-open-source-security-foundation/ Microsoft has invested in the security of open source software for many years and today I’m excited to share that Microsoft is joining industry partners to create the Open Source … Read more

Source: https://msrc.microsoft.com/blog/2020/07/black-hat-2020-see-you-in-the-cloud/ It hardly feels like summer without the annual trip to Las Vegas for Black Hat USA. With this year’s event being totally cloud based, we won’t have the chance to … Read more

Source: https://msrc.microsoft.com/blog/2020/07/updates-to-the-windows-insider-preview-bounty-program/ Partnering with the research community is an important part of Microsoft’s holistic approach to defending against security threats. Bounty programs are one part of this partnership, designed to encourage and … Read more

Source: https://msrc.microsoft.com/blog/2020/07/msrc-q2-2020-leaderboard/ We are excited to announce the top contributing researchers for the 2020 Second Quarter (Q2)! Congratulations to all the researchers who continue to rock the leaderboard, and a big thank … Read more

Source: https://msrc.microsoft.com/blog/2020/07/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/ Today we released an update for CVE-2020-1350, a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base … Read more

Source: https://msrc.microsoft.com/blog/2020/06/machine-learning-security-evasion-competition-2020-invites-researchers-to-defend-and-attack/ Machine learning (ML) is an increasingly valuable tool in cyber security as adversaries continually evolve their tactics and techniques to evade detection. As machine learning has advanced and sophisticated ML … Read more

Source: https://msrc.microsoft.com/blog/2020/05/azure-sphere-security-research-challenge/ The Azure Sphere Security Research Challenge is an expansion of Azure Security Lab, announced at Black Hat in August 2019. At that time, a select group of talented researchers was … Read more

Source: https://msrc.microsoft.com/blog/2020/04/the-safety-boat-kubernetes-and-rust/ Our team, DeisLabs, recently released a new piece of software called Krustlet, which is a tool for running WebAssembly modules on the popular, open-source container management tool called Kubernetes. Kubernetes … Read more

Source: https://msrc.microsoft.com/blog/2020/04/msrc-q1-2020-leaderboard/ Following the second Security Researcher Quarterly Leaderboard and the 2020 MSRC Most Valuable Security Researchers criteria we published in February 2020, we are excited to announce the 2020 First Quarter … Read more