The security of Microsoft’s cloud services is a top priority for us. One of the technologies that is central to cloud security is Microsoft Hyper-V which we use to isolate tenants from one another in the cloud. Given the importance of this technology, Microsoft has made and continues to make significant investment in the security of Hyper-V and the powerful security features that it enables, such as Virtualization-Based Security (VBS).
Category: Uncategorized
Recognizing Q3 Top 5 Bounty Hunters
Throughout the year, security researchers submit some amazing work to us under the Microsoft Bug Bounty program. Starting this quarter, we want to give a shout out to and acknowledge the hard work and dedication of the following individuals and companies who have contributed to securing Microsoft’s products and services over our third quarter (January-March 2018).
「Emotet」の大規模感染を阻止した人工知能のしくみ
本記事は、Microsoft Secure のブログ “How artificial intelligence stopped an Emotet outbreak” (2018 年 2 月 14 日 米国時間公開)
挙動監視と機械学習で大規模な「Dofoil」によるコイン マイニング攻撃を阻止
本記事は、Microsoft Secure のブログ “Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign” (2018 年
April 2018 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide.
DLL の植え付けの脆弱性のトリアージ
本記事は、Security Research & Defense のブログ “Triaging a DLL planting vulnerability” (2018 年 4 月
Triaging a DLL planting vulnerability
DLL planting (aka binary planting/hijacking/preloading) resurface every now and then, it is not always clear on how Microsoft will respond to the report. This blog post will try to clarify the parameters considered while triaging DLL planting issues.
It is well known that when an application loads a DLL without specifying a fully qualified path, Windows attempts to locate the DLL by searching a well-defined set of directories in an order known as DLL search order.
KVA Shadow: Mitigating Meltdown on Windows
On January 3rd, 2018, Microsoft released an advisory and security updates that relate to a new class of discovered hardware vulnerabilities, termed speculative execution side channels, that affect the design methodology and implementation decisions behind many modern microprocessors. This post dives into the technical details of Kernel Virtual Address (KVA) Shadow which is the Windows kernel mitigation for one specific speculative execution side channel: the rogue data cache load vulnerability (CVE-2017-5754, also known as “Meltdown” or “Variant 3”).
投機的実行に関する報奨金プログラムの開始
本記事は、Microsoft Security Response Center のブログ “Speculative Execution Bounty Launch” (2016 年 3 月 14 日 米国