Feeds Microsoft

Allgemeine Sicherheitsinformationen von Microsoft

  • Congratulations to the MSRC’s 2020 Most Valuable Security Researchers
    by Sylvie Liu on 5. August 2020 at 16:00

    Today we announce our Most Valuable Security Researchers for 2020! The MSRC Researcher Recognition program is an integral aspect of recognizing the ongoing partnerships with our community of talented security researchers who report through Coordinated Vulnerability Disclosure (CVD). These recognitions run throughout specific periods of the year and provide regular opportunities to recognize those who … Congratulations to the MSRC’s 2020 Most Valuable Security Researchers Read More » The post Congratulations to the MSRC’s 2020 Most Valuable Security Researchers appeared first on Microsoft Security Response Center.

  • Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards
    by Jarek Stanley on 4. August 2020 at 15:58

    Security researchers are a vital component of the cybersecurity ecosystem that safeguards every facet of digital life and commerce. The researchers who devote time to uncovering and reporting security issues before adversaries can exploit them have earned our collective respect and gratitude. The security landscape is constantly changing with emerging technology and new threats. By … Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards Read More » The post Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards appeared first on Microsoft Security Response Center.

  • Microsoft Joins Open Source Security Foundation
    by MSRC Team on 3. August 2020 at 16:00

    Microsoft has invested in the security of open source software for many years and today I’m excited to share that Microsoft is joining industry partners to create the Open Source Security Foundation (OpenSSF), a new cross-industry collaboration hosted at the Linux Foundation. The OpenSSF brings together work from the Linux Foundation-initiated Core Infrastructure Initiative (CII), … Microsoft Joins Open Source Security Foundation Read More » The post Microsoft Joins Open Source Security Foundation appeared first on Microsoft Security Response Center.

  • Black Hat 2020: See you in the Cloud!
    by MSRC Team on 30. Juli 2020 at 22:35

    It hardly feels like summer without the annual trip to Las Vegas for Black Hat USA. With this year’s event being totally cloud based, we won’t have the chance to catch up with security researchers, industry partners, and customers in person, an opportunity we look forward to every year. We’ll still be there though, and … Black Hat 2020: See you in the Cloud! Read More » The post Black Hat 2020: See you in the Cloud! appeared first on Microsoft Security Response Center.

  • Updates to the Windows Insider Preview Bounty Program
    by MSRC Team on 24. Juli 2020 at 16:15

    Partnering with the research community is an important part of Microsoft’s holistic approach to defending against security threats. Bounty programs are one part of this partnership, designed to encourage and reward vulnerability research focused on the highest impact to customer security. The Windows Insider Preview (WIP) Bounty Program is a key program for Microsoft and … Updates to the Windows Insider Preview Bounty Program Read More » The post Updates to the Windows Insider Preview Bounty Program appeared first on Microsoft Security Response Center.

  • Top MSRC 2020 Q2 Security Researchers Announced – Congratulations!
    by Sylvie Liu on 15. Juli 2020 at 17:00

    We are excited to announce the top contributing researchers for the 2020 Second Quarter (Q2)! Congratulations to all the researchers who continue to rock the leaderboard, and a big thank you to everyone for your contribution to securing our customers and the ecosystem. The top three researchers of the 2020 Second Quarter (Q2) Security Researcher … Top MSRC 2020 Q2 Security Researchers Announced – Congratulations! Read More » The post Top MSRC 2020 Q2 Security Researchers Announced – Congratulations! appeared first on Microsoft Security Response Center.

  • July 2020 Security Update: CVE-2020-1350 Vulnerability in Windows Domain Name System (DNS) Server
    by MSRC Team on 14. Juli 2020 at 17:01

    Today we released an update for CVE-2020-1350, a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions. Non-Microsoft DNS Servers are not affected. Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction. Windows DNS Server is a core networking component. While this … July 2020 Security Update: CVE-2020-1350 Vulnerability in Windows Domain Name System (DNS) Server Read More » The post July 2020 Security Update: CVE-2020-1350 Vulnerability in Windows Domain Name System (DNS) Server appeared first on Microsoft Security Response Center.

  • Solving Uninitialized Kernel Pool Memory on Windows
    by Joe Bialek on 2. Juli 2020 at 17:57

    This blog post outlines the work that Microsoft is doing to eliminate uninitialized kernel pool memory vulnerabilities from Windows and why we’re on this path. For a background on why uninitialized memory matters and what options have been used in the past to tackle this issue, please see our previous blog post. The brief recap … Solving Uninitialized Kernel Pool Memory on Windows Read More » The post Solving Uninitialized Kernel Pool Memory on Windows appeared first on Microsoft Security Response Center.

  • Machine Learning Security Evasion Competition 2020 Invites Researchers to Defend and Attack
    by Jarek Stanley on 1. Juni 2020 at 16:00

    Machine learning (ML) is an increasingly valuable tool in cyber security as adversaries continually evolve their tactics and techniques to evade detection. As machine learning has advanced and sophisticated ML models have been developed to assist security professionals in protecting the cloud, adversaries have been busy developing malware designed to evade ML models. To proactively … Machine Learning Security Evasion Competition 2020 Invites Researchers to Defend and Attack Read More » The post Machine Learning Security Evasion Competition 2020 Invites Researchers to Defend and Attack appeared first on Microsoft Security Response Center.

  • Solving Uninitialized Stack Memory on Windows
    by Joe Bialek on 13. Mai 2020 at 17:01

    This blog post outlines the work that Microsoft is doing to eliminate uninitialized stack memory vulnerabilities from Windows and why we’re on this path. This blog post will be broken down into a few parts that folks can jump to: Uninitialized Memory Background Potential Solutions to Uninitialized Memory Vulnerabilities InitAll – Automatic Initialization Interesting Findings … Solving Uninitialized Stack Memory on Windows Read More » The post Solving Uninitialized Stack Memory on Windows appeared first on Microsoft Security Response Center.

  • Handle v4.22, NotMyFault v4.20, Process Explorer v16.25, Sysmon v10.1
    by Mark Russinovich on 15. Juni 2019 at 19:27

    Handle v4.22 This release of Handle fixes a race condition in the driver that could lead to a...

  • Sysmon v10.0, Autoruns v13.95, VMMap v3.26
    by Mark Russinovich on 12. Juni 2019 at 3:29

    Sysmon 10.0 This release of Sysmon adds DNS query logging, reports OriginalFileName in process...

  • Sysmon v9.0, Autoruns v13.94
    by Mark Russinovich on 19. Februar 2019 at 20:47

    Sysmon 9.0 Sysmon v9.0 introduces rule groups that enable the specification of AND or OR matching...

  • Autoruns v13.93, Handle v4.21, Process Explorer v16.22, SDelete v2.02, Sigcheck v2.71, Sysmon v8.02 and VMMap v3.25
    by Mark Russinovich on 9. Dezember 2018 at 22:58

    Autoruns 13.93 This Autoruns update fixes a bug that prevented UserInitMprLogonScript from being...

  • Sigcheck 2.70, BgInfo v4.26, and VMMap v3.22
    by Mark Russinovich on 21. Oktober 2018 at 13:08

    Sigcheck v2.70 Windows WinVerifyTrust function reports signed MSI files that have malware appended...

  • Sysmon v8.0, Autoruns v13.90
    by Mark Russinovich on 5. Juli 2018 at 23:33

    Sysmon v8.0 This update to Sysmon adds rule tagging, which results in tags appearing in event log...

  • RAMMap v1.51
    by Mark Russinovich on 1. Juni 2018 at 13:25

    RAMMap v1.51 This update to RAMMap fixes an incompatibility with the latest version of Windows 10.

  • Sysmon v7.03
    by Mark Russinovich on 14. Mai 2018 at 17:05

    Sysmon v7.03 This update to Sysmon fixes a service executable crash that could result from long...

  • Sysmon v7.02
    by Mark Russinovich on 30. April 2018 at 4:12

    Sysmon v7.02 This update to Sysmon, an advanced security logging service, fixes memory leaks in its...

  • Process Monitor v3.50, Autoruns v13.82, Du v1.61, SDelete v2.01
    by Mark Russinovich on 17. Februar 2018 at 15:28

    Process Monitor v3.50 Process Monitor now includes a /runtime switch to control headless capture...