Allgemeine Sicherheitsinformationen von Microsoft

Configuring host-level audit logging for AKS VMSS
on 1. März 2023 at 0:00

This blog post runs you through how to enable and configure Linux audit logging on your Azure Kubernetes Service (AKS) Virtual Machine Scale Set (VMSS) using the Linux auditing subsystem, also known as auditd. Warning The information provided below is accurate as of the release date of this blog post (2023-03) and guidance may change in future.

  • Azure Kubernetes Service (AKS) Threat Hunting
    on 1. März 2023 at 0:00

    As more businesses shift away from running workloads on dedicated virtual machines to running them inside containers using workload orchestrators like Kubernetes, adversaries have become more interested in them as targets. Moreover, the benefits Kubernetes provides for managing workloads are also extended to adversaries. As adversaries leverage Kubernetes to run their workloads, their understanding of how these platforms work and can be exploited increases.

  • First steps in CHERIoT Security Research
    on 28. Februar 2023 at 0:00

    At Microsoft, we invest a lot of time researching and investigating possibilities in our journey to memory safety. Because the massive majority of existing codebases are written in unsafe programming languages, the task of protecting legacy code is very important. Hardware solutions are an attractive approach because they introduce very powerful security properties with low overheads compared to purely software solutions.

  • 2023 年 2 月のセキュリティ更新プログラム (月例)
    on 14. Februar 2023 at 0:00

    2023 年 2 月 14 日 (米国時間) 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ

  • 新しい MSRCのブログサイト
    on 9. Februar 2023 at 13:14

    2023 年 2 月 9 日 (米国時間) から MSRC のブログサイトが新しくなりました。 2023 年 2 月 9 日 (米国時間) 以降は https://msrc.microsoft.com/blog をご

  • New MSRC Blog Site
    on 8. Februar 2023 at 0:00

    We are excited to announce the release of the new Microsoft Security Response Center (MSRC) blog site. Please visit msrc.microsoft.com/blog/ starting February 9th, 2023, for all past and future MSRC blog content. In addition to the new URL, we have refreshed the site with a new look and improved site performance, search, categories, and tags to help users easily find content.

  • BlueHat 2023: Connecting the security research community with Microsoft
    on 6. Februar 2023 at 0:00

    We’re excited to welcome more than 400 members of the security research community from around the world to Redmond, Washington for BlueHat 2023. Hosted by the Microsoft Security Response Center (MSRC), BlueHat is where the security research community, and Microsoft security professionals, come together as peers to connect, share, learn, and exchange ideas in the interest of creating a safer and more secure world for all.

  • Microsoft の調査 – 検証済みの発行者確認を悪用する脅威アクターの同意フィッシング キャンペーンについて
    on 1. Februar 2023 at 0:00

    本ブログは、Microsoft Investigation – Threat actor consent phishing campaign abusing the verified publisher process の抄訳版です。最新の情報は原文を参照してくださ

  • サイバーセキュリティ月間 2023
    on 31. Januar 2023 at 0:00

    政府では、サイバーセキュリティに関する普及啓発強化のため、2 月 1 日から 3 月 18 日までを 「サイバーセキュ

  • Microsoft Investigation - Threat actor consent phishing campaign abusing the verified publisher process
    on 31. Januar 2023 at 0:00

    Summary Summary On December 15th, 2022, Microsoft became aware of a consent phishing campaign involving threat actors fraudulently impersonating legitimate companies when enrolling in the Microsoft Cloud Partner Program (MCPP) (formerly known as Microsoft Partner Network (MPN)). The actor used fraudulent partner accounts to add a verified publisher to OAuth app registrations they created in Azure AD.

  • Congratulations to the Top MSRC 2022 Q4 Security Researchers!
    on 26. Januar 2023 at 0:00

    Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2022 Q4 Security Researcher Leaderboard are: goodbyeselene, Jarvis_1oop, and kap0k! Check out the full list of researchers recognized this quarter here.

  • Microsoft は、Azure クラウド サービスにおける 4 つの SSRF の脆弱性を解決しました。
    on 18. Januar 2023 at 0:00

    本ブログは、Microsoft resolves four SSRF vulnerabilities in Azure cloud services の抄訳版です。最新の情報は原文を参照してください。 概要

  • Microsoft resolves four SSRF vulnerabilities in Azure cloud services
    on 17. Januar 2023 at 0:00

    Summary Summary Microsoft recently fixed a set of Server-Side Request Forgery (SSRF) vulnerabilities in four Azure services (Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins) reported by Orca Security. These SSRF vulnerabilities were determined to be low risk as they do not allow access to sensitive information or Azure backend services.

  • 2023 年 1 月のセキュリティ更新プログラム (月例)
    on 10. Januar 2023 at 0:00

    2023 年 1 月 10 日 (米国時間) 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ

  • セキュリティ更新プログラムガイド CVRF API での CBL-Mariner CVE の 公開について
    on 10. Januar 2023 at 0:00

    本ブログは、Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API の抄訳版です。最新の情報は原文を参照してください。

  • セキュリティ更新プログラムガイドの改善 – ホットパッチ更新プログラムの記載
    on 9. Januar 2023 at 0:00

    本ブログは、Security Update Guide Improvement – Representing Hotpatch Updatesの抄訳版です。最新の情報は原文を参照してくださ

  • Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
    on 6. Januar 2023 at 0:00

    Microsoft is pleased to announce that beginning January 11, 2023, we will publish CBL-Mariner CVEs in the Security Update Guide (SUG) Common Vulnerability Reporting Framework (CVRF) API. CBL-Mariner is a Linux distribution built by Microsoft to power Azure’s cloud and edge products and services and is currently in preview as an AKS Container Host.

  • Security Update Guide Improvement – Representing Hotpatch Updates
    on 29. Dezember 2022 at 0:00

    Today we are updating the way Microsoft Security Update Guide (SUG) represents the Windows Hotpatch feature to make it easier for users to identify the hotpatch and security updates. Hotpatching was introduced a year ago as a new way to install updates on supported Windows Server Azure Edition virtual machines (VMs) without requiring a reboot after installation.

  • 2022 年 12 月のセキュリティ更新プログラム (月例)
    on 13. Dezember 2022 at 0:00

    2022 年 12 月 13 日 (米国時間) 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ

  • BlueHat 2023: Applications to Attend NOW OPEN!
    on 2. Dezember 2022 at 0:00

    We are excited to announce that applications to attend BlueHat 2023 are now open We are excited to announce that applications to attend BlueHat 2023 are now open BlueHat 2023 will be the 20th version of the BlueHat conference and will once again be on the Microsoft campus in Redmond, WA, USA, from February 8 – 9, 2023.

  • A Ride on the Wild Side with Hacking Heavyweight Sick Codes
    on 29. November 2022 at 0:00

    Beverage of Choice: Krating Daeng (Thai Red Bull) Industry Influencer he Admires: Casey John Ellis What did you want to be when you grew up? A physician and nearly did Hobbies (Present & Past): Motorcycling & Australian Football Bucket List: Continuing to discover new software Fun Fact: He currently has 2,000 tabs open

  • マイクロソフト 機械学習 メンバーシップ推論コンペティション (MICO) の発表
    on 20. November 2022 at 0:00

    本ブログは、Announcing the Microsoft Machine Learning Membership Inference Competition (MICO)の抄訳版です。最新の情報は原文を参照してく

  • Announcing the Microsoft Machine Learning Membership Inference Competition (MICO)
    on 16. November 2022 at 0:00

    We’re excited to announce the launch of a new competition focusing on the security and privacy of machine learning (ML) systems. Machine learning has already become a key enabler in many products and services, and this trend is likely to continue. It is therefore critical to understand the security and privacy guarantees provided by state-of-the-art ML algorithms – indeed this is one of Microsoft’s Responsible AI Principles.

  • 2022 年 11 月のセキュリティ更新プログラム (月例)
    on 8. November 2022 at 0:00

    2022 年 11 月 8 日 (米国時間) 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ

  • セキュリティ更新プログラム リリース スケジュール (2023 年)
    on 8. November 2022 at 0:00

    2023 年のセキュリティ更新プログラムの公開予定日は下記のとおりです。更新プログラムの評価、テスト、適用の

  • OpenSSL 3.0 ~ 3.0.6 のリスク (CVE-2022-3786 および CVE-2202-3602) に関する認識とガイダンス
    on 3. November 2022 at 0:00

    本ブログは、Awareness and guidance related to OpenSSL 3.0 – 3.0.6 risk (CVE-2022-3786 and CVE-2202-3602)の抄訳版です。最新の

  • Awareness and guidance related to OpenSSL 3.0 - 3.0.6 risk (CVE-2022-3786 and CVE-2202-3602)
    on 2. November 2022 at 0:00

    Summary Summary Microsoft is aware and actively addressing the impact associated with the recent OpenSSL vulnerabilities announced on October 25th 2022, fixed in version 3.0.7. As part of our standard processes, we are rolling out fixes for impacted services. Any customer action that is required will be highlighted in this blog and our associated Security Update Guides (CVE-2022-3786 Security Update Guide and CVE-2022-3602 Security Update Guide).

  • マイクロソフト、Jupyter Notebooks for Azure Cosmos DB の脆弱性を修正
    on 2. November 2022 at 0:00

    本ブログは、Microsoft Mitigates Vulnerability in Jupyter Notebooks for Azure Cosmos DB の抄訳版です。最新の情報は原文を参照してください。 概

  • Microsoft Mitigates Vulnerability in Jupyter Notebooks for Azure Cosmos DB
    on 1. November 2022 at 0:00

    Summary Summary Microsoft recently fixed an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB (currently in preview) reported by Orca Security. Customers not using Jupyter Notebooks (99.8% of Azure Cosmos DB customers do NOT use Jupyter notebooks) were not susceptible to this vulnerability. The bug was introduced on August 12th and fully patched worldwide on Oct 6th, two days after it was reported.

  • Reflecting on Cybersecurity Awareness Month: At its Core, Cybersecurity is all about People
    on 31. Oktober 2022 at 0:00

    As Cybersecurity Awareness Month 2022 comes to a close, I’m grateful for the impact it has had in bringing cybersecurity to the forefront since it began in 2004. Though the month may be over, our work in cybersecurity is never done. Often, we think about cybersecurity as a complex technology problem, but at its core, it’s really about people: the customers and communities we work to protect and defend, the current and future cybersecurity professionals on the front lines of the fight, and the larger security community coming together to strengthen cybersecurity for all.

  • Congratulations to the Top MSRC 2022 Q3 Security Researchers!
    on 24. Oktober 2022 at 0:00

    Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2022 Q3 Security Researcher Leaderboard are: Zhiyi Zhang , Yuki Chen , and Dang The Tuyen! Check out the full list of researchers recognized this quarter here.

  • Microsoft Storage Location における構成の誤りに関する調査
    on 19. Oktober 2022 at 0:00

    本ブログは、Investigation Regarding Misconfigured Microsoft Storage Locationの抄訳版です。最新の情報は原文を参照し

  • Investigation Regarding Misconfigured Microsoft Storage Location
    on 19. Oktober 2022 at 0:00

    October 28, 2022 update: Added a Customer FAQ section. Summary Summary Security researchers at SOCRadar informed Microsoft on September 24, 2022, of a misconfigured Microsoft endpoint. This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services.

  • Awareness and guidance related to potential Service Fabric Explorer (SFX) v1 web client risk
    on 19. Oktober 2022 at 0:00

    Summary Summary Microsoft was recently made aware of a Cross-Site Scripting (XSS) vulnerability (CVE-2022-35829), that under limited circumstances, affects older versions of Service Fabric Explorer (SFX). The current default SFX web client (SFXv2) is not vulnerable to this attack. However, customers can manually switch from the default web client (SFXv2) to an older vulnerable SFX web client version (SFXv1).

  • 潜在的な Service Fabric Explorer (SFX) v1 Web クライアント リスクに関する認識とガイダンス
    on 19. Oktober 2022 at 0:00

    本ブログは、Awareness and guidance related to potential Service Fabric Explorer (SFX) v1 web client riskの抄訳版です。最新の情報は原文を参照し

  • セキュリティ更新プログラムの通知・配信の改善 – 新しい配信方法について
    on 16. Oktober 2022 at 0:00

    本ブログは、Improvements in Security Update Notifications Delivery – And a New Delivery Method の抄訳版です。最新の情報は原文を参照してく

  • BlueHat 2023 Call for Papers is Now Open!
    on 13. Oktober 2022 at 0:00

    For nearly 20 years, BlueHat has been where the security research community, and Microsoft security professionals come together as peers, to share, debate, challenge, learn, and exchange ideas in the interest of creating a safer and more secure world for all. We are extremely excited to announce that BlueHat is back in-person and the 2023 Call for Papers (CFP) is now open through December 8!

  • Hunting for Cobalt Strike: Mining and plotting for fun and profit
    on 13. Oktober 2022 at 0:00

    Introduction Introduction Cobalt Strike is a commercial Command and Control framework built by Helpsystems. You can find out more about Cobalt Strike on the MITRE ATT&CK page. But it can also be used by real adversaries. In this post we describe how to use RiskIQ and other Microsoft technologies to see if you have Cobalt Strike payloads (also called “beacons”) in your network.

  • Improvements in Security Update Notifications Delivery - And a New Delivery Method
    on 12. Oktober 2022 at 0:00

    At MSRC, we are passionate about ensuring our customers have a positive experience when they use the Microsoft Security Update Guide (SUG). A big part of improving that experience is ensuring that customers have timely and easily accessible notifications. As such we have two important announcements to share about changes to the way we provide notifications.

  • 2022 年 10 月 のセキュリティ更新プログラム (月例)
    on 11. Oktober 2022 at 0:00

    2022 年 10 月 11 日 (米国時間) 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ

  • Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server
    on 30. September 2022 at 0:00

    November 8, 2022 update - Microsoft released security updates for CVE-2022-41040 and CVE-2022-41082. We recommend that customers protect their organizations by applying the updates immediately to affected systems. The options described in the Mitigations section are no longer recommended. For more information, review the Exchange Team blog. Summary Summary On November 8 Microsoft released security updates for two zero-day vulnerabilities affecting Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019.

  • Microsoft Exchange サーバーのゼロデイ脆弱性報告に関するお客様向けガイダンス
    on 30. September 2022 at 0:00

    本ブログは、Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Serverの抄訳版です。最新の情報は原文を参照してくだ

  • Azure Identity SDK と Azure Key Vault SDKに関する多層防御のためのアップデートとベストプラクティスの実装ガイダンス
    on 20. September 2022 at 0:00

    本ブログは、Defense-in-Depth Updates for Azure Identity SDK and Azure Key Vault SDK plus Best Practice Implementation Guidance の抄訳版です。最新の情報は

  • Defense-in-Depth Updates for Azure Identity libraries and Azure Key Vault libraries within Azure SDK plus Best Practice Implementation Guidance
    on 20. September 2022 at 0:00

    Summary Summary Today, Microsoft released new versions of the Azure Key Vault libraries and Azure Identity libraries as part of the Azure Software Development Kit (SDK) that includes defense-in-depth feature improvements. We also published best practice guidance to help protect applications and services that allow externally controlled input into the Azure Key Vault client URI for processing.

  • 2022 年 9 月のセキュリティ更新プログラム (月例)
    on 13. September 2022 at 0:00

    2022 年 9 月 13 日 (米国時間)、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ

  • 好奇心旺盛、革新的、創造的、コミュニティ主導型:Cyb3rWard0g、ロベルトロドリケスに会う
    on 12. September 2022 at 0:00

    本ブログは、Curious, Innovative, Creative, Community Driven: Meet Cyb3rWard0g, Roberto Rodriquez の抄訳版です。最新の情報は原文を参照してください。 大きく

  • Curious, Innovative, Creative, Community Driven: Meet Cyb3rWard0g, Roberto Rodriquez
    on 7. September 2022 at 0:00

    When I grow up I want to be? Dancer or a veterinarian Happiest memories: Tearing up the dance floor at weddings and playing soccer in the streets of Lima, Peru Previous Job roles : Mopped floors for McDonalds, packed boxes at an Avon warehouse, Manager at Olive Garden, Beer taster/server and then dove into tech and security

  • What’s the smallest variety of CHERI?
    on 6. September 2022 at 0:00

    The Portmeirion project is a collaboration between Microsoft Research Cambridge, Microsoft Security Response Center, and Azure Silicon Engineering & Solutions. Over the past year, we have been exploring how to scale the key ideas from CHERI down to tiny cores on the scale of the cheapest microcontrollers. These cores are very different from the desktop and server-class processors that have been the focus of the Morello project.

  • Azure Synapse Spark で修正された脆弱性について
    on 1. September 2022 at 0:00

    本ブログは、Vulnerability Fixed in Azure Synapse Spark の抄訳版です。最新の情報は原文を参照してください。 概

  • Vulnerability Fixed in Azure Synapse Spark
    on 1. September 2022 at 0:00

    Summary Summary Microsoft takes a proactive approach to continually probe our defenses, hunt for vulnerabilities, and seek new, innovative ways to protect our customers. Security researchers are an important part of this effort, and our collaborative partnership is critical in a world where cybersecurity attacks continue to grow in number and sophistication.