Category: Uncategorized

2022 年 2 月 8 日（米国時間）、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers.
The top three researchers of the 2021 Q4 Security Researcher Leaderboard are: rezer0dai (780 points) , Callum Carney (750 points) , and wtm (615 points) !

The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure.
Today, we are expanding the program to recognize more security researchers in more ways for their contributions to protecting customers, and we published the first new leaderboard on our program page.

Today, Arm announced that the first silicon supporting the Morello prototype architecture, a research project led by Arm, Microsoft, University of Cambridge and others, is now available on a limited run of demonstration boards, which are being shipped from today to industry partners for testing. Morello is the first high-performance implementation of the CHERI extensions.

2022 年 1 月 11 日（米国時間）、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ

Sharing information through the Security Update Guide is an important part of our ongoing effort to help customers manage security risks and keep systems protected. Based on your feedback we have been working to make signing up for and receiving Security Update Guide notifications easier. We are excited to share that starting today, you can sign up with any email address that you want and receive notifications at that email address.

MSRC was informed by Wiz.io, a cloud security vendor, under Coordinated Vulnerability Disclosure (CVD) of an issue where customers can unintentionally configure the .git folder to be created in the content root, which would put them at risk for information disclosure. This, when combined with an application configured to serve static content, makes it possible for others to download files not intended to be public.

2021 年 11 月以降のセキュリティ更新プログラムには、脆弱性を解決するために、Active Directory における 4 件のセ

2021 年 12 月 14 日（米国時間）に、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セ

“When you find the things I find, they really matter. They affect everybody’s security.”
Currently streaming : The Expanse and Lost in Space on Netflix
Currently listening to : Amorphis, Architects, and Killswitch Engage
Currently running : 130 kilometers (or ~80 miles) a month
Currently playing : Floorball (a type of floor hockey with five players and a goalkeeper)