Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)

Posted on Tuesday May 14, 2019  |  MSRC alerts

Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is 'wormable', meaning that any future malware that exploits this vulnerability could propagate from...


April 2019 Security Update Release

Posted on Tuesday April 09, 2019  |  MSRC alerts

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month's security updates can be found on the Security Update Guide. Tags Security Advisory Security Update Update Tuesday


Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards

Posted on Tuesday April 02, 2019  |  MSRC alerts

In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the security research community. Faster bounty review - As of January 2019,...


Join Microsoft Security Response at the Product Security Operations forum at LocoMocoSec!

Posted on Saturday March 16, 2019  |  MSRC alerts

The MSRC is more than managing vulnerability reports, publishing Microsoft security updates, and defending the cloud. The MSRC is passionate about helping everyone improve internal engineering practices and supporting the defender community, and are excited to partner with Blackberry to host a Product Security Operations Forum at LocoMocoSec on April 18, 2019. Featuring exceptional speakers...


Call for Papers | Microsoft BlueHat Shanghai 2019

Posted on Wednesday March 13, 2019  |  MSRC alerts

The Microsoft Security Response Center (MSRC) recently announced our first BlueHat security conference in Shanghai which will take place on May 29-30, 2019. After 15 years of BlueHat events in Redmond, Washington and Israel, we are thrilled to expand to a new location. We work with many talented security researchers throughout the Asia Pacific region...


Practical advice for earning higher Microsoft bounty awards

Posted on Tuesday March 12, 2019  |  MSRC alerts

This year at the Nullcon International Security Conference I shared practical advice for how security researchers can maximize the impact of their security vulnerability submissions and earn higher bounty awards under the Microsoft Bounty Program. For those who couldn't be there, I had two core pieces of advice. First, focus vulnerability research on the products...


Page:   1...19202122232425262728

Celebrating 30 Years

Managed Internet Connections

Contact Us