Microsoft solution available to protect additional products
Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful. Microsoft worked throughout the day to ensure we understood the attack and were taking all possible actions to protect our customers.
Encapsulated PostScript (EPS) の脆弱性を利用した攻撃に対処するために団結する
本記事は、MSRC Team のブログ “Coming together to address Encapsulated PostScript (EPS) attacks” (2017 年 5 月 9 日 米国時間公開) を翻
May 2017 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice.
More information about this month’s security updates can be found on the Security Update Guide.
Coming together to address Encapsulated PostScript (EPS) attacks
Today’s security updates include three updates that exemplify how the security ecosystem can come together to help protect consumers and enterprises. We would like to thank FireEye and ESET for working with us.
Customers that have the latest security updates installed are protected against the attacks described below. As a best practice to ensure customers have the latest protections, we recommend they upgrade to the most current versions.
セキュリティ更新プログラム ガイドに関するフィードバックをお待ちしています
本記事は、 MSRC Team のブログ “ Taking your feedback on the Security Update Guide” (2017 年 4 月 21 日 米国時間公開) を翻訳したものです。 2016 年
Taking your feedback on the Security Update Guide
The Security Update Guide has been in public preview since November 2016. This month marked our first release when security update information was published entirely in the new format. Over the last few months, customers and partners have provided a lot of feedback on the direction and implementation of the Security Update Guide.
Bountycraft at Nullcon 2017
Security is a critical component of our products at Microsoft. A strong emphasis on security is a persistent factor throughout our entire development process. Microsoft is committed to designing and developing secure software. Testing is performed both internally and by working closely with the broader security community. This is done through a wide range of partnerships and programs including bug bounties to ensure that customers receive the most secure products.
Protecting customers and evaluating risk
Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers. Understandingly, customers have expressed concerns around the risk this disclosure potentially creates. Our engineers have investigated the disclosed exploits, and most of the exploits are already patched. Below is our update on the investigation.
When a potential vulnerability is reported to Microsoft, either from an internal or external source, the Microsoft Security Response Center (MSRC) kicks off an immediate and thorough investigation.
セキュリティ更新プログラム ガイド (Security Update Guide) を使ってみよう
※ 2020 年 11 月に、セキュリティ更新プログラム ガイドがリニューアルしています。新しいセキュリティ更新プログ