What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Microsoft 2022-07-12 17:49:37 Microsoft Mitigates Azure Site Recovery Vulnerabilities (direct link)
Microsoft 2022-06-28 23:35:53 Service Fabric Privilege Escalation from Containerized Workloads on Linux (direct link)
Microsoft 2022-06-25 01:20:08 A Man of Action: Meet Callum Carney (direct link)
Microsoft 2022-05-30 23:25:16 Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability (direct link) Tool Vulnerability
Microsoft 2022-05-23 22:45:00 New Research Paper: Pre-hijacking Attacks on Web User Accounts (direct link)
Microsoft 2022-05-19 14:32:52 Researcher Spotlight: Hector Peralta's Evolution from Popcorn Server to the MSRC Leaderboards (direct link) Guideline
Microsoft 2022-05-13 17:00:00 Anatomy of a Security Update (direct link) The Microsoft Security Response Center is part of the defender community and on the front line of security response for our customers and the company. Our mission is to protect customers and Microsoft from current and emerging threats related to security and privacy. We monitor threats and provide updated tools and guidance to help organizations …
Microsoft 2022-05-09 16:01:49 Vulnerability mitigated in the third-party Data Connector used in Azure Synapse pipelines and Azure Data Factory (CVE-2022-29972) (direct link) Summary: Microsoft recently mitigated a vulnerability in Azure Data Factory and Azure Synapse pipelines. The vulnerability was specific to the third-party Open Database Connectivity (ODBC) driver used to connect to Amazon Redshift in Azure Synapse pipelines and Azure Data Factory Integration Runtime (IR) and did not impact Azure Synapse as a whole. The vulnerability could … Vulnerability ★★★★
Microsoft 2022-04-28 12:30:00 Azure Database for PostgreSQL Flexible Server Privilege Escalation and Remote Code Execution (direct link) MSRC was informed by Wiz, a cloud security vendor, under Coordinated Vulnerability Disclosure (CVD) of an issue with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user … Vulnerability
Microsoft 2022-04-21 16:05:00 Congratulations and New Swag Awards for the Top MSRC 2022 Q1 Security Researchers! (direct link) Today, we are excited to recognize this quarter's Microsoft Researcher Recognition Program leaderboard and share new swag awards and improvements to the leaderboard. Congratulations and thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2022 Q1 Security Researcher Leaderboard are: Yuki Chen, William Söderberg, … Guideline
Microsoft 2022-04-14 17:00:00 Expanding High Impact Scenario Awards for Microsoft Bug Bounty Programs (direct link) We are excited to announce the addition of scenario-based bounty awards to the Dynamics 365 and Power Platform Bounty Program and M365 Bounty Program. Through these new scenario-based bounty awards, we encourage researchers to focus their research on vulnerabilities that have the highest potential impact on customer privacy and security. Awards increase by up to …
Microsoft 2022-04-05 23:41:01 Microsoft's Response to CVE-2022-22965 Spring Framework (direct link) Summary: Microsoft used the Spring Framework RCE, Early Announcement to inform analysis of the remote code execution vulnerability, CVE-2022-22965, disclosed on 31 Mar 2022. We have not to date noted any impact to the security of our enterprise services and have not experienced any degraded service availability due to this vulnerability. Threat analysis of the … Threat
Microsoft 2022-04-05 18:00:00 Randomizing the KUSER_SHARED_DATA Structure on Windows (direct link) Windows 10 made a lot of improvements in Kernel Address Space Layout Randomization (KASLR) that increases the cost of exploitation, particularly for remote code execution exploits. Many kernel virtual address space (VAS) locations including kernel stacks, pools, system PTEs etc. are randomized. A well-known exception to this is the KUSER_SHARED_DATA structure which is a page …
Microsoft 2022-04-05 15:30:00 On-Premises Servers Products are Here! Introducing the Applications and On-Premises Servers Bug Bounty Program (direct link) Microsoft is excited to announce the addition of Exchange on-premises, SharePoint on-premises, and Skype for Business on-premises to the Applications and On-Premises Servers Bounty Program. Through this expanded program, we encourage researchers to discover and report high-impact security vulnerabilities to help protect customers. We offer awards up to $26,000 USD for eligible submissions. The following …
Microsoft 2022-04-01 00:24:33 Increasing Representation of Women in Security Research (direct link) Microsoft is committed to partnering with and supporting women in security research. Whether it's growing women early in their career, or connecting people with mentors, we want to be a part of the journey. Throughout Women’s History Month we intentionally sought opportunities to engage with women in security research. Whether at an intimate gathering of …
Microsoft 2022-03-22 17:24:22 Exploring a New Class of Kernel Exploit Primitive (direct link) The security landscape is dynamic, changing often and as a result, attack surfaces evolve. MSRC receives a wide variety of cases spanning different products, bug types and exploit primitives. One particularly interesting primitive we see is an arbitrary kernel pointer read. These often happen when kernel mode code does not validate that pointers read from …
Microsoft 2022-03-08 18:10:24 Guidance for CVE-2022-23278 spoofing in Microsoft Defender for Endpoint (direct link) Microsoft released a security update to address CVE-2022-23278 in Microsoft Defender for Endpoint. This important class spoofing vulnerability impacts all platforms. We wish to thank Falcon Force for the collaboration on addressing this issue through coordinated vulnerability disclosure. Cybercriminals are looking for any opening to tamper with security protections in order to blind, confuse, or … Vulnerability
Microsoft 2022-03-07 14:36:45 Disclosure of Vulnerability in Azure Automation Managed Identity Tokens (direct link) On December 10, 2021, Microsoft mitigated a vulnerability in the Azure Automation service. Azure Automation accounts that used Managed Identities tokens for authorization and an Azure Sandbox for job runtime and execution were exposed. Microsoft has not detected evidence of misuse of tokens. Microsoft has notified customers with affected Automation accounts. Microsoft recommends following the … Vulnerability
Microsoft 2022-03-01 02:21:01 Cyber threat activity in Ukraine: analysis and resources (direct link) Microsoft has been monitoring escalating cyber activity in Ukraine and has published analysis on observed activity in order to give organizations the latest intelligence to guide investigations into potential attacks and information to implement proactive protections against future attempts. We've brought together all our analysis and guidance for customers who may be impacted by events … Threat
Microsoft 2022-02-11 16:31:18 Researcher Spotlight: Cyber Viking Nate Warfield is Here to Help (direct link) “There are few jobs where I can say, I make two billion people more secure on the internet every single day.” Childhood Look: Goth kid, all in black Current Look: Cyber Viking Childhood hobby: Head banging to Metallica, Marilyn Manson, and Guns N' Roses Current hobby: n0x08 DJ's Live events around the world. Check him …
Microsoft 2022-02-01 18:05:00 Congratulations to the top MSRC 2021 Q4 Security Researchers! (direct link) Congratulations to all the researchers recognized in this quarter's Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2021 Q4 Security Researcher Leaderboard are: rezer0dai (780 points), Callum Carney (750 points), and wtm (615 points)! In addition to our regular leaderboard, we … Guideline
Microsoft 2022-02-01 18:00:00 Expanding the Microsoft Researcher Recognition Program (direct link) The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are expanding the program to recognize more security researchers in more ways for their contributions to protecting customers, and we published the first new leaderboard … Vulnerability Guideline
Microsoft 2022-01-20 10:52:58 An Armful of CHERIs (direct link) Today, Arm announced the first silicon supporting the Morello prototype architecture, a research project led by Arm, Microsoft, University of Cambridge and others, is now available on a limited run of demonstration boards, being shipped from today to industry partners for testing. Morello is the first high-performance implementation of the CHERI extensions. CHERI provides fine-grained …
Microsoft 2022-01-11 18:06:13 Coming Soon: New Security Update Guide Notification System (direct link) Sharing information through the Security Update Guide is an important part of our ongoing effort to help customers manage security risks and keep systems protected. Based on your feedback we have been working to make signing up for and receiving Security Update Guide notifications easier. We are excited to share that starting today, you can …
Microsoft 2021-12-22 18:07:24 Azure App Service Linux source repository exposure (direct link) MSRC was informed by Wiz.io, a cloud security vendor, under Coordinated Vulnerability Disclosure (CVD) of an issue where customers can unintentionally configure the .git folder to be created in the content root, which would put them at risk for information disclosure. This, when combined with an application configured to serve static content, makes it possible … Vulnerability
Microsoft 2021-12-14 20:02:20 Researcher Spotlight: Dr. Nestori Syynimaa's Constant Mission Protecting Identities (direct link) “When you find the things I find, they really matter. They affect everybody's security.” Currently streaming: The Expanse and Lost in Space on Netflix Currently listening to: Amorphis, Architects, and Killswitch Engage Currently running: 130 kilometers (or ~80 miles) a month Currently playing: Floorball (a type of floor hockey with five players and a goalkeeper) …
Microsoft 2021-12-12 05:28:18 Microsoft's Response to CVE-2021-44228 Apache Log4j 2 (direct link) Published on: 2021 Dec 11. SUMMARY: Microsoft is investigating the remote code execution vulnerability (CVE-2021-44228) related to Apache Log4j (a logging tool used in many Java-based applications) disclosed on 9 Dec 2021. As we and the industry at large continue to gain a deeper understanding of the impact of this threat, we will publish technical … Tool Vulnerability
Microsoft 2021-11-17 20:02:19 Guidance for Azure Active Directory (AD) keyCredential property Information Disclosure in Application and Service Principal APIs (direct link) Microsoft recently mitigated an information disclosure issue, CVE-2021-42306, to prevent private key data from being stored by some Azure services in the keyCredentials property of an Azure Active Directory (Azure AD) Application and/or Service Principal, and prevent reading of private key data previously stored in the keyCredentials property. The keyCredentials property is used to configure an …
Microsoft 2021-11-11 22:47:39 BlueHat is Back! (direct link) After a short hiatus, BlueHat is coming back with a vengeance! And we've got big plans for the entire researcher community. But first, I must apologize. It's been a while since you have heard from us. We didn't have BlueHat 2020 or 2021, and we know that was disappointing. It was partly due to the …
Microsoft 2021-10-25 17:04:02 We're Excited to Announce the Launch of Comms Hub! (direct link) We are excited to announce the launch of Comms Hub to the Researcher Portal submission experience! With this launch, security researchers will be able to streamline communication with MSRC case SPMs (case managers), attach additional files, track case and bug bounty status all in the Researcher Portal. Summary – What is Comms Hub? Comms Hub … ★★★★★
Microsoft 2021-10-18 16:30:00 New High Impact Scenarios and Awards for the Azure Bounty Program (direct link) Microsoft is excited to announce new Azure Bounty Program awards up to $60,000 to encourage and reward vulnerability research focused on the highest potential impact to customer security. These increased awards are a part of our ongoing investment in partnership with the security research community, and an important part of Microsoft's holistic approach to defending … Vulnerability
Microsoft 2021-10-14 17:00:00 Congratulations to the Top MSRC 2021 Q3 Security Researchers! (direct link) Congratulations to all the researchers recognized in this quarter's MSRC Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2021 Q3 Security Researcher Leaderboard are: BugHunter010 (840 points), Callum Carney (828 points), and Nir Ohfeld (525 points)! Each quarterly leaderboard … Guideline ★★
Microsoft 2021-10-13 16:05:00 Power Platform is Here! Introducing the Dynamics 365 and Power Platform Bug Bounty Program (direct link) Microsoft is excited to announce the addition of Power Platform to the newly rebranded Dynamics 365 and Power Platform Bounty Program. Through this expanded program, we encourage researchers to discover and report high impact security vulnerabilities they may find in the new Power Platform scope to help protect customers. We offer awards up to $20,000 …
Microsoft 2021-09-17 01:28:04 Additional Guidance Regarding OMI Vulnerabilities within Azure VM Management Extensions (direct link) On September 14, 2021, Microsoft released fixes for three Elevation of Privilege (EoP) vulnerabilities and one unauthenticated Remote Code Execution (RCE) vulnerability in the Open Management Infrastructure (OMI) framework: CVE-2021-38645, CVE-2021-38649, CVE-2021-38648, and CVE-2021-38647, respectively. Open Management Infrastructure (OMI) is an open-source Web-Based Enterprise Management (WBEM) implementation for managing Linux and UNIX systems. Several Azure Virtual Machine (VM) management extensions use this framework to …
Microsoft 2021-09-08 22:00:00 Coordinated disclosure of vulnerability in Azure Container Instances Service (direct link) Microsoft recently mitigated a vulnerability reported by a security researcher in the Azure Container Instances (ACI). Our investigation surfaced no unauthorized access to customer data. Out of an abundance of caution we notified customers with containers running on the same clusters as the researchers via Service Health Notifications in the Azure Portal. If you did not receive a notification, no action is required with respect to this vulnerability. Vulnerability
Microsoft 2021-08-27 20:22:58 Update on the vulnerability in the Azure Cosmos DB Jupyter Notebook Feature (direct link) On August 12, 2021, a security researcher reported a vulnerability in the Azure Cosmos DB Jupyter Notebook feature that could potentially allow a user to gain access to another customer’s resources by using the account’s primary read-write key. We mitigated the vulnerability immediately. Our investigation indicates that no customer data was accessed because of this … Vulnerability
Microsoft 2021-08-19 16:05:00 Announcing the Launch of the Azure SSRF Security Research Challenge (direct link) Microsoft is excited to announce the launch of a new, three-month security research challenge under the Azure Security Lab initiative. The Azure Server-Side Request Forgery (SSRF) Research Challenge invites security researchers to discover and share high impact SSRF vulnerabilities in Microsoft Azure. Qualified submissions are eligible for bounty rewards up to $60,000 USD, with additional …
Microsoft 2021-08-10 17:20:07 Point and Print Default Behavior Change (direct link) Our investigation into several vulnerabilities collectively referred to as “PrintNightmare” has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks. Today, we are addressing this risk by changing the default Point and Print driver installation and update behavior to require …
Microsoft 2021-08-04 16:00:00 Congratulations to the MSRC 2021 Most Valuable Security Researchers! (direct link) The MSRC Researcher Recognition Program offers public thanks and acknowledgement to the researchers who help protect customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year's Most Valuable Security Researchers (MVRs) based on the impact, accuracy, and volume of their reports. Congratulations to each of our MSRC … Vulnerability
Microsoft 2021-07-19 17:00:00 Introducing Bounty Awards for Teams Mobile Applications Security Research (direct link) We are pleased to announce the addition of Microsoft Teams mobile applications to the Microsoft Applications Bounty Program. Through the expanded program we welcome researchers from across the globe to seek out and disclose any high impact security vulnerabilities they may find in Teams mobile applications to help secure customers. Rewards up to $30,000 USD …
Microsoft 2021-07-15 17:00:00 (Déjà vu) Announcing the Top MSRC 2021 Q2 Security Researchers – Congratulations! (direct link) We're excited to announce the top contributing researchers for the 2021 Second Quarter (Q2)! Congratulations to all the researchers recognized in this quarter's leaderboard and thank you to everyone who continues to help secure our customers and the ecosystem. The top three researchers of the 2021 Q2 Security Researcher Leaderboard are: Yuki Chen (765 points), … Guideline ★★★★★
Microsoft 2021-07-09 01:00:42 Clarified Guidance for CVE-2021-34527 Windows Print Spooler Vulnerability (direct link) On Tuesday July 6, 2021, Microsoft issued CVE-2021-34527 regarding a Windows Print Spooler vulnerability. Updates were released on July 6 and 7 which addressed the vulnerability for all supported Windows versions. We encourage customers to update as soon as possible. CVE-2021-34527 – Windows Print Spooler Remote Code Execution Vulnerability. Following the out of band release … Vulnerability
Microsoft 2021-07-08 16:00:00 Microsoft Bug Bounty Programs Year in Review: $13.6M in Rewards (direct link) Partnering with the security research community is an important part of Microsoft's holistic approach to defending against security threats. Bug bounty programs are one part of this partnership. By discovering and reporting vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure (CVD), researchers continue to help us secure millions of customers. Over the past 12 months, Microsoft … Vulnerability
Microsoft 2021-07-06 23:36:00 Out-of-Band (OOB) Security Update available for CVE-2021-34527 (direct link) Today Microsoft released an Out-of-Band (OOB) security update for CVE-2021-34527, which is being discussed externally as PrintNightmare. This is a cumulative update release, so it contains all previous security fixes and should be applied immediately to fully protect your systems. The fix that we released today fully addresses the public vulnerability, and it also includes a new feature that allows customers to implement stronger protections. See: KB5005010: …
Microsoft 2021-06-25 22:18:03 New Nobelium activity (direct link) The Microsoft Threat Intelligence Center is tracking new activity from the NOBELIUM threat actor. Our investigation into the methods and tactics being used continues, but we have seen password spray and brute-force attacks and want to share some details to help our customers and communities protect themselves. This recent activity was mostly unsuccessful, and the majority of targets were not successfully compromised – we … Threat
Microsoft 2021-06-25 19:34:58 Investigating and Mitigating Malicious Drivers (direct link) The security landscape continues to rapidly evolve as threat actors find new and innovative methods to gain access to environments across a wide range of vectors. As the industry moves closer to the adoption of a Zero Trust security posture with broad and layered defenses, we remain committed to sharing threat intelligence with the community … Threat
Microsoft 2021-04-29 16:56:36 “BadAlloc” – Memory allocation vulnerabilities could affect wide range of IoT and OT devices in industrial, medical, and enterprise networks (direct link) Microsoft's Section 52, the Azure Defender for IoT security research group, recently uncovered a series of critical memory allocation vulnerabilities in IoT and OT devices that adversaries could exploit to bypass security controls in order to execute malicious code or cause a system crash. These remote code execution (RCE) vulnerabilities cover more than 25 CVEs … ★★★★
Microsoft 2021-04-15 17:00:00 Congratulating Our Top MSRC 2021 Q1 Security Researchers! (direct link) We're excited to announce the top contributing researchers for the 2021 First Quarter (Q1)! Congratulations to all the researchers recognized in this quarter's leaderboard and thank you to everyone who continues to help secure our customers and the ecosystem. The top three researchers of the 2021 Q1 Security Researcher Leaderboard are: Yuki Chen (4365 points), … Guideline
Microsoft 2021-04-13 17:01:39 April 2021 Update Tuesday packages now available (direct link) Today is Update Tuesday – our commitment to provide a predictable monthly schedule to release updates and provide the latest protection to our customers. Update Tuesday is a monthly cycle when Microsoft releases patches for vulnerabilities that we have found proactively or that have been disclosed to us through our security partnerships under a coordinated …
Microsoft 2021-03-16 18:44:28 Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities (direct link) This guidance will help customers address threats taking advantage of the recently disclosed Microsoft Exchange Server on-premises vulnerabilities CVE-2021-26855, CVE-2021-26858, CVE-2021-26857, and CVE-2021-27065. Microsoft will continue to monitor these threats and provide updated tools and investigation guidance to help organizations defend against, identify, and remediate associated attacks. ★★★★★
Last update at: 2024-05-31 05:08:00