Threat Intelligence Feeds – A place to control time
Source: https://msrc-blog.microsoft.com/blog/2023/05/guidance-related-to-secure-boot-manager-changes-associated-with-cve-2023-24932-ja/ 本ブログは、Guidance related to Secure Boot Manager changes associated with CVE-2023-24932 の抄訳版です。最新の情報は原文を参照してください。 概要
Source: https://msrc-blog.microsoft.com/blog/2023/04/microsoft-vulnerability-severity-classification-for-online-services-publication/ The Microsoft Security Response Center (MSRC) is always looking for ways to provide clarity and transparency around how we assess the impact of vulnerabilities reported in our products and services. … Read more
Source: https://msrc-blog.microsoft.com/blog/2023/04/microsoft-vulnerability-severity-classification-for-online-services-publication-ja/ 本ブログは、Microsoft Vulnerability Severity Classification for Online Services Publication の抄訳版です。最新の情報は原文を参照してください。 マイク
Source: https://msrc-blog.microsoft.com/blog/2023/04/congratulations-to-the-top-msrc-2023-q1-security-researchers/ Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three … Read more
Source: https://msrc-blog.microsoft.com/blog/2023/04/best-practices-regarding-azure-storage-keys-azure-functions-and-azure-role-based-access/ Summary Summary Azure provides developers and security operations staff a wide array of configurable security options to meet organizational needs. Throughout the software development lifecycle, it is important for customers … Read more
Source: https://msrc-blog.microsoft.com/blog/2023/03/microsoft-mitigates-outlook-elevation-of-privilege-vulnerability/ Summary Summary Microsoft Threat Intelligence discovered limited, targeted abuse of a vulnerability in Microsoft Outlook for Windows that allows for new technology LAN manager (NTLM) credential theft. Microsoft has released … Read more
Source: https://msrc-blog.microsoft.com/blog/2023/03/microsoft-mitigates-outlook-elevation-of-privilege-vulnerability-jp/ 本ブログは、Microsoft Mitigates Outlook Elevation of Privilege Vulnerability の抄訳版です。最新の情報は原文を参照してください。 Microsoft Threat Intelligence は
Source: https://msrc-blog.microsoft.com/blog/2023/03/configuring-host-level-audit-logging-for-aks-vmss/ This blog post runs you through how to enable and configure Linux audit logging on your Azure Kubernetes Service (AKS) Virtual Machine Scale Set (VMSS) using the Linux auditing subsystem, … Read more
Source: https://msrc-blog.microsoft.com/blog/2023/02/first-steps-in-cheriot-security-research/ First steps in CHERIoT Security Research First steps in CHERIoT Security Research At Microsoft, we invest a lot of time researching and investigating possibilities in our journey to memory safety. … Read more
Source: https://msrc-blog.microsoft.com/2023/02/08/new-msrc-blog-site/ We are excited to announce the release of the new Microsoft Security Response Center (MSRC) blog site. Please visit msrc.microsoft.com/blog/starting February 9th, 2023, for all past and future MSRC blog … Read more
Source: https://msrc-blog.microsoft.com/2023/02/06/bluehat-2023-connecting-the-security-research-community-with-microsoft/ We’re excited to welcome more than 400 members of the security research community from around the world to Redmond, Washington for BlueHat 2023. Hosted by the Microsoft Security Response Center … Read more
Source: https://msrc-blog.microsoft.com/2023/01/26/congratulations-to-the-top-msrc-2022-q4-security-researchers/ Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top … Read more
Source: https://msrc-blog.microsoft.com/2023/01/17/microsoft-resolves-four-ssrf-vulnerabilities-in-azure-cloud-services/ Summary Microsoft recently fixed a set of Server-Side Request Forgery (SSRF) vulnerabilities in four Azure services (Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins) reported by … Read more
Source: https://msrc-blog.microsoft.com/blog/2023/01/publishing-cbl-mariner-cves-on-the-security-update-guide-cvrf-api-ja/ 本ブログは、Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API の抄訳版です。最新の情報は原文を参照してください。
Source: https://msrc-blog.microsoft.com/blog/2023/01/security-update-guide-improvement-representing-hotpatch-updates-ja/ 本ブログは、Security Update Guide Improvement – Representing Hotpatch Updatesの抄訳版です。最新の情報は原文を参照してくださ
Source: https://msrc-blog.microsoft.com/2023/01/06/publishing-cbl-mariner-cves-on-the-security-update-guide-cvrf-api/ Microsoft is pleased to announce that beginning January 11, 2023, we will publish CBL-Mariner CVEs in the Security Update Guide (SUG) Common Vulnerability Reporting Framework (CVRF) API. CBL-Mariner is a … Read more
Source: https://msrc-blog.microsoft.com/2022/12/29/security-update-guide-improvement-representing-hotpatch-updates/ Today we are updating the way Microsoft Security Update Guide (SUG) represents the Windows Hotpatch feature to make it easier for users to identify the hotpatch and security updates. Hotpatching … Read more
Source: https://msrc-blog.microsoft.com/2022/12/02/bluehat-2023-applications-to-attend-now-open/ We are excited to announce that applications to attend BlueHat 2023 are now open! BlueHat 2023 will be the 20th version of the BlueHat conference and will once again be … Read more
Source: https://msrc-blog.microsoft.com/2022/11/16/mico/ We’re excited to announce the launch of a new competition focusing on the security and privacy of machine learning (ML) systems. Machine learning has already become a key enabler in … Read more
Source: https://msrc-blog.microsoft.com/2022/11/02/microsoft-guidance-related-to-openssl-risk-cve-2022-3786-and-cve-2202-3602/ Summary Microsoft is aware and actively addressing the impact associated with the recent OpenSSL vulnerabilities announced on October 25th 2022, fixed in version 3.0.7. As part of our standard processes, … Read more