Microsoft Security Response Center Blog Alerts

Tag Search: MSRC alerts

Customer Guidance on Recent Nation-State Cyber Attacks

Posted on Monday December 14, 2020  |  MSRC alerts

This post contains technical details about the methods of the actor we believe was involved in Recent Nation-State Cyber Attacks, with the goal to enable the broader security community to hunt for activity in their networks and contribute to a shared defense against this sophisticated threat actor. As we wrote in that blog, while these...

 

Security Update Guide: Let's keep the conversation going

Posted on Tuesday December 08, 2020  |  MSRC alerts

Hi Folks, We want to continue to highlight changes we've made to our Security Update Guide. We have received a lot of feedback, much of which has been very positive. We acknowledge there have been some stability problems and we are actively working through reports of older browsers not being able to run the new application. We really appreciate your feedback as we review these issues.

 

Vulnerability Descriptions in the New Version of the Security Update Guide

Posted on Monday November 09, 2020  |  MSRC alerts

With the launch of the new version of the Security Update Guide, Microsoft is demonstrating its commitment to industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System (CVSS).  This is a precise method that describes the vulnerability with attributes such as the attack vector, the complexity of the attack, whether an adversary...

 

Attacks exploiting Netlogon vulnerability (CVE-2020-1472)

Posted on Thursday October 29, 2020  |  MSRC alerts

Microsoft has received a small number of reports from customers and others about continued activity exploiting a vulnerability affecting the Netlogon protocol (CVE-2020-1472) which was previously addressed in security updates starting on August 11, 2020. If the original guidance is not applied, the vulnerability could allow an attacker to spoof a domain controller account that could be...

 

Announcing the Top MSRC 2020 Q3 Security Researchers

Posted on Thursday October 15, 2020  |  MSRC alerts

Following the MSRC's 2020 Most Valuable Security Researchers announced during this year's Black Hat, we're excited to announce the top contributing researchers for the 2020 Third Quarter (Q3)! The top three researchers of the 2020 Q3 Security Researcher Leaderboard are: David Dworken (1800 points), Cameron Vincent (1780 points), and Yuki Chen (1380 points). Congratulations to...

 

Security Analysis of CHERI ISA

Posted on Wednesday October 14, 2020  |  MSRC alerts

Is it possible to get to a state where memory safety issues would be deterministically mitigated? Our quest to mitigate memory corruption vulnerabilities led us to examine CHERI (Capability Hardware Enhanced RISC Instructions), which provides memory protection features against many exploited vulnerabilities, or in other words, an architectural solution that breaks exploits. We've looked at...

 

Page:   12345678910111213141516171819202122232425262728293031

Celebrating 35+ Years

Managed Internet Connections

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016