We have released the September security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates.
More information about this month’s security updates can be found in the Security Update Guide.
As a reminder, Windows 7 and Windows Server 2008 R2 will be out of extended support and no longer receiving updates as of January 14, 2020.
BlueHat Seattle 2019 Call for Papers is Now Open!
2019 has seen a phenomenal BlueHatIL in February followed by a wildly successful BlueHat Shanghai in May… now it’s time to come back home for BlueHat Seattle!
2 days of hands-on technical training (October 22-23, 2019) 2 days of conference talks from industry-leading security researchers and cyber defenders (October 24-25, 2019) great creative spaces ready to spark thought-provoking conversations and collaborative partnerships The Call for Papers (CFP) for BlueHat Seattle 2019 is now open through September 20, 2019.
Acquiring a VHD to Investigate
In a previous post we described some of the differences between on-premises/physical forensics and cyber investigations and those performed in the cloud, and how this can make cloud forensics challenging. That blog post described a method of creating and maintaining a VM image which can be distributed to multiple regions, allowing you to deploy this pre-prepared machine to be used in an investigation in a matter of minutes.
Scalable infrastructure for investigations and incident response
Traditional computer forensics and cyber investigations are as relevant in the cloud as they are in on-premise environments, but the methods in which to access and perform such investigations differ. This post will describe some of the challenges of bringing on-premises forensics techniques to the cloud and show one solution to overcome these challenges, using Azure functionality.
Announcing the Microsoft Edge Insider Bounty
This week, we released the first Beta preview of the next version of Microsoft Edge. Alongside this, Microsoft is excited to announce the launch of the Microsoft Edge Insider Bounty Program. We welcome researchers to seek out and disclose any high impact vulnerabilities they may find in the next version of Microsoft Edge, based on Chromium, and offer rewards up to US$30,000 for eligible vulnerabilities in Dev and Beta channels.
Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)
Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction.
August 2019 Security Updates
We have released the August security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates.
More information about this month’s security updates can be found in the Security Update Guide.
As a reminder, Windows 7 and Windows Server 2008 R2 will be out of extended support and no longer receiving updates as of January 14, 2020.
Microsoft Announces Top Three Contributing Partners in the Microsoft Active Protections Program (MAPP)
Today Microsoft announced the MAPP program Top Vulnerability Contributors, Top Threat Indicator Submitters, and Top Zero-Day Reporting for the period of July 1, 2018 – June 30, 2019.
The Microsoft Active Protections Program provides security and protection to customers through cooperation and collaboration with industry leading partners.
While all MAPP partners have made a significant impact on the security ecosystem and are commended for their customer-first approach to security, these top contributors have gone above and beyond our expectations.