2019 年 6 月のセキュリティ更新プログラム (月例)
2019 年 6 月 12 日 (日本時間)、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しました。 Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office、Microsoft Office Servers および Web Apps Adobe Flash Player ChakraCore...
View ArticlePrevent the impact of a Linux worm by updating Exim (CVE-2019-10149)
This week, MSRC confirmed the presence of an active Linux worm leveraging a critical Remote Code Execution (RCE) vulnerability, CVE-2019-10149, in Linux Exim email servers running Exim version 4.87 to...
View ArticleInside the MSRC – Customer-centric incident response
The Microsoft Security Response Center (MSRC) is an integral part of Microsoft’s Cyber Defense Operations Center (CDOC) that brings together security response experts from across the company to help...
View ArticleInside the MSRC – Anatomy of a SSIRP incident
This is the second in a series of blog posts that shares how the MSRC responds to elevated threats to customers through the Software and Services Incident Response Plan (SSIRP). In our last blog...
View ArticleInside the MSRC – Building your own security incident response process
This is the third and last in a series of posts that looks at how Microsoft responds to elevated threats to customers through the Microsoft Security Response Center’s (MSRC) Software and Services...
View Article日本セキュリティチーム ブログ移行のお知らせ
日本セキュリティチーム ブログが、新しいプラットフォームに移行してアドレスが変更になりました。旧アドレス (https://blogs.technet.microsoft.com/jpsecurity/) をブラウザのお気に入りに登録や、RSS フィードの登録等で利用されている方は、お手数ですが、新たなアドレス (https://aka.ms/jpsecurity) へ変更をお願いします。
View ArticleJuly 2019 Security Update Release
We have released the July security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about...
View Article2019 年 7 月のセキュリティ更新プログラム (月例)
2019 年 7 月 10 日 (日本時間)、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しました。
View ArticleA proactive approach to more secure code
What if we could eliminate an entire class of vulnerabilities before they ever happened? Since 2004, the Microsoft Security Response Centre (MSRC) has triaged every reported Microsoft security...
View ArticleAnnouncing the Microsoft Dynamics 365 Bounty program
One of Microsoft’s many security investments to protect customers is in the partnerships we build with the external security research community. We are excited to announce the launch of the Dynamics...
View ArticleWe Need a Safer Systems Programming Language
In our first post in this series, we discussed the need for proactively addressing memory safety issues. Tools and guidance are demonstrably not preventing this class of vulnerabilities; memory safety...
View ArticleWhy Rust for safe systems programming
In this series, we have explored the need for proactive measures to eliminate a class of vulnerabilities and walked through some examples of memory safety issues we’ve found in Microsoft code that...
View ArticleMicrosoft Announces Top Contributing Partners in the Microsoft Active...
Today we announce the top organizational candidates for Vulnerability Top Contributors, Threat Indicator Top Submitters, and Zero-Day Top Reporting for the period of July 1, 2018 – June 30, 2019. The...
View ArticleIt’s Official – The Way We Recognize Our Security Researchers
We deeply appreciate the partnership of the many talented security researchers who report vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure. We pay bounties for research in key...
View ArticleMeet the MSRC at Black Hat 2019
We’re getting close to Black Hat, and we hope to see you there. Here’s where you can find members of the Microsoft Security Response Center if you’d like to say hello, ask a question about a report you...
View ArticleRecognizing Security Researchers in 2019
Who’s going to be on the Most Valuable Security Researcher list at Black Hat USA 2019? We’re not announcing the names—yet—but this is how we’ll determine who’s there. How do we define the Most Valuable...
View ArticleAzure Security Lab: a new space for Azure research and collaboration
Azure is exceptionally secure. To help keep it that way, we are doubling the top bounty reward for Azure vulnerabilities to $40,000. But we aren’t stopping there. To make it easier for security...
View ArticleCorporate IoT – a path to intrusion
Several sources estimate that by the year 2020 some 50 billion IoT devices will be deployed worldwide. IoT devices are purposefully designed to connect to a network and many are simply connected to the...
View ArticleAnnouncing 2019 MSRC Most Valuable Security Researchers
Earlier today we announced MSRC’s 2018-2019 Most Valuable Security Researchers at Black Hat. The following 75 researchers hail from all corners of the world and possess varied experience and skills,...
View ArticleMicrosoft Announces Top Three Contributing Partners in the Microsoft Active...
Today Microsoft announced the MAPP program Top Vulnerability Contributors, Top Threat Indicator Submitters, and Top Zero-Day Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft...
View Article