The Azure Sphere Security Research Challenge brought together 70 researchers from 21 countries to help secure Azure Sphere customers and expand Microsoft’s partnerships with the global IoT security research community. During the three-month Azure Sphere Security Research Challenge, researchers surfaced 20 Critical or Important severity security vulnerabilities, with Microsoft awarding $374,300 in bounty awards for 16 bounty eligible reports.
Category: Uncategorized
New and improved Security Update Guide!
We’re excited to announce a significant update to the Security Update Guide, our one-stop site for information about all security updates provided by Microsoft. This new version will provide a more intuitive user experience to help protect our customers regardless of what Microsoft products or services they use in their environment.
What to Expect When Reporting Vulnerabilities to Microsoft
At the Microsoft Security Response Center’s (MSRC), our primary mission is to help protect our customers. One of the ways we do this is by working with security researchers to discover security vulnerabilities in our services and products, and then making sure those that pose a threat to customers get fixed.
[AD 管理者向け] CVE-2020-1472 Netlogon の対応ガイダンスの概要
2020 年 8 月の月例セキュリティ更新プログラム (2020 年 8 月 11 日 公開 (米国時間)) にて、Active Directory で利用され
Local Administrator Password Solution (LAPS) 導入ガイド (日本語版)
Active Directory 管理者のみなさん、Local Administrator Password Solution (LAPS) ツールはご存じですか? LAPS ツールは、Active Directory (AD) に参加して
Control Flow Guard for Clang/LLVM and Rust
As part of our ongoing efforts towards safer systems programming, we’re pleased to announce that Windows Control Flow Guard (CFG) support is now available in the Clang C/C++ compiler and Rust.
What is Control Flow Guard? What is Control Flow Guard? CFG is a platform security technology designed to enforce control flow integrity.
Congratulations to the MSRC’s 2020 Most Valuable Security Researchers
Today we announce our Most Valuable Security Researchers for 2020! The MSRC Researcher Recognition program is an integral aspect of recognizing the ongoing partnerships with our community of talented security researchers who report through Coordinated Vulnerability Disclosure (CVD). These recognitions run throughout specific periods of the year and provide regular
Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards
Security researchers are a vital component of the cybersecurity ecosystem that safeguards every facet of digital life and commerce. The researchers who devote time to uncovering and reporting security issues before adversaries can exploit them have earned our collective respect and gratitude.
The security landscape is constantly changing with emerging technology and new threats.