Archive

Posts Tagged ‘MSRC’

March 2020 security updates are available

March 10th, 2020 No comments

We have released the March security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide.

The post March 2020 security updates are available appeared first on Microsoft Security Response Center.

Categories: Uncategorized Tags:

Calling for security research in Azure Sphere, now generally available

February 24th, 2020 No comments

Today, Microsoft released Azure Sphere into General Availability (GA). Azure Sphere’s mission is to empower every organization on the planet to connect and create secured and trustworthy IoT devices. Azure Sphere is an end-to-end solution for securely connecting existing equipment and for creating new IoT devices with built-in security. The solution includes hardware, OS, and …

Calling for security research in Azure Sphere, now generally available Read More »

The post Calling for security research in Azure Sphere, now generally available appeared first on Microsoft Security Response Center.

February 2020 security updates are available

February 11th, 2020 No comments

We have released the February security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide.

The post February 2020 security updates are available appeared first on Microsoft Security Response Center.

Categories: Patch, Update Tuesday Tags:

Recognizing Security Researchers in 2020

February 3rd, 2020 No comments

Is it too early to talk about the 2020 MSRC Most Valuable Security Researchers? Five months from now, at the end of June, the program period closes for researchers to be considered for inclusion in the Most Valuable Researchers list. The top researcher list will be revealed at Black Hat North America in August. For …

Recognizing Security Researchers in 2020 Read More »

The post Recognizing Security Researchers in 2020 appeared first on Microsoft Security Response Center.

Announcing the Xbox Bounty program

January 30th, 2020 No comments

Announcing the new Xbox Bounty. The Xbox bounty program invites gamers, security researchers, and technologists around the world to help identify security vulnerabilities in the Xbox network and services, and share them with the Microsoft Xbox team through Coordinated Vulnerability Disclosure (CVD).

The post Announcing the Xbox Bounty program appeared first on Microsoft Security Response Center.

Access Misconfiguration for Customer Support Database

January 22nd, 2020 No comments

Today, we concluded an investigation into a misconfiguration of an internal customer support database used for Microsoft support case analytics. While the investigation found no malicious use, and although most customers did not have personally identifiable information exposed, we want to be transparent about this incident with all customers and reassure them that we are taking …

Access Misconfiguration for Customer Support Database Read More »

The post Access Misconfiguration for Customer Support Database appeared first on Microsoft Security Response Center.

Categories: Misconfiguration Tags:

Announcing MSRC 2019 Q4 Security Researcher Leaderboard

January 15th, 2020 No comments

Following the first Security Researcher Quarterly Leaderboard we published in October 2019, we are excited to announce the MSRC Q4 2019 Security Researcher Leaderboard, which shows the top contributing researchers for the last quarter. In each quarterly leaderboard, we recognize the security researchers who ranked at or above the 95th percentile line based on the …

Announcing MSRC 2019 Q4 Security Researcher Leaderboard Read More »

The post Announcing MSRC 2019 Q4 Security Researcher Leaderboard appeared first on Microsoft Security Response Center.

January 2020 Security Updates: CVE-2020-0601

January 14th, 2020 No comments

The January security updates include several Important and Critical security updates. As always, we recommend that customers update their systems as quickly as practical. Details for the full set of updates released today can be found in the Security Update Guide. We believe in Coordinated Vulnerability Disclosure (CVD) as proven industry best practice to address security vulnerabilities. Through a partnership …

January 2020 Security Updates: CVE-2020-0601 Read More »

The post January 2020 Security Updates: CVE-2020-0601 appeared first on Microsoft Security Response Center.

January 2020 security updates are available!

January 14th, 2020 No comments

We have released the January security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of …

January 2020 security updates are available! Read More »

The post January 2020 security updates are available! appeared first on Microsoft Security Response Center.

Categories: Uncategorized Tags:

Announcing the Microsoft Identity Research Project Grant

January 9th, 2020 No comments

We are excited to announce the Microsoft Identity Research Project Grant a new opportunity in partnership with the security community to help protect Microsoft customers. This project grant awards up to $75,000 USD for approved research proposals that improve the security of the Microsoft Identity solutions in new ways for both Consumers (Microsoft Account) and Enterprise (Azure Active Directory).

The post Announcing the Microsoft Identity Research Project Grant appeared first on Microsoft Security Response Center.

December 2019 security updates are available

December 10th, 2019 No comments

We have released the December security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of …

December 2019 security updates are available Read More »

Categories: Security Update, Update Tuesday Tags:

Customer Guidance for the Dopplepaymer Ransomware

November 20th, 2019 No comments

Microsoft has been investigating recent attacks by malicious actors using the Dopplepaymer ransomware. There is misleading information circulating about Microsoft Teams, along with references to RDP (BlueKeep), as ways in which this malware spreads. Our security research teams have investigated and found no evidence to support these claims. In our investigations we found that the …

Customer Guidance for the Dopplepaymer Ransomware Read More »

The post Customer Guidance for the Dopplepaymer Ransomware appeared first on Microsoft Security Response Center.

November 2019 security updates are available!

November 12th, 2019 No comments

We have released the November security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of …

November 2019 security updates are available! Read More »

The post November 2019 security updates are available! appeared first on Microsoft Security Response Center.

Categories: Uncategorized Tags:

Microsoft Identity Bounty Improvements

October 23rd, 2019 No comments

Introducing the ElectionGuard Bounty program

October 18th, 2019 No comments

Announcing the Security Researcher Quarterly Leaderboard

October 17th, 2019 No comments

Right before Black Hat USA 2019, we announced our new researcher recognition program, and at Black Hat we announced the top researchers from the previous twelve months. Since it’s easier to track your progress with regular updates than with just an annual report, we are excited to announce the MSRC Q3 2019 Security Researcher Leaderboard, …

Announcing the Security Researcher Quarterly Leaderboard Read More »

The post Announcing the Security Researcher Quarterly Leaderboard appeared first on Microsoft Security Response Center.

October 2019 security updates are available!

October 8th, 2019 No comments

We have released the October security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of …

October 2019 security updates are available! Read More »

The post October 2019 security updates are available! appeared first on Microsoft Security Response Center.

MSRC is going to ROOTCON!

September 23rd, 2019 No comments

The Microsoft Security Response Center (MSRC) works with partners all over the world to protect Microsoft customers. This week we’re headed to the Philippines to meet security researchers and bounty hunters at ROOTCON 13! Planning on attending ROOTCON? If you want to learn more about how you can earn rewards for reporting vulnerabilities to Microsoft …

MSRC is going to ROOTCON! Read More »

The post MSRC is going to ROOTCON! appeared first on Microsoft Security Response Center.

Categories: Uncategorized Tags:

Get advance notice about March 2014 security updates

March 6th, 2014 No comments

Today, the Microsoft Security Response Center (MSRC) posted details about the March security updates.

If you have automatic updating turned on, most of these updates will download and install on their own. Sometimes you may need to provide input for Windows Update during an installation. In this case, you’ll see an alert in the notification area at the far right of the taskbar—be sure to click it.

In Windows 8, Windows will turn on automatic updating during setup unless you choose to turn it off. To check this setting and turn on automatic updating, open the Search charm, enter Turn automatic updating on or off, and tap or click Settings to find it. 

For other versions of Windows, you can check whether automatic updating is turned on through the Microsoft Update website. This will open Windows Update in Control Panel; if automatic updating is not turned on, you’ll be guided through the steps to set it up. After that, all the latest security and performance improvements will be installed on your PC quickly and reliably.

If you are a technical professional

The Microsoft Security Bulletin Advance Notification Service offers details about security updates approximately three business days before they are released. We do this to enable customers (especially IT professionals) to plan for effective deployment of security updates.

Sign up for security notifications

Recent Internet Explorer advisory

September 18th, 2012 No comments

Microsoft released Security Advisory 2757760 yesterday about an issue in Internet Explorer.

The Microsoft Security Response Center (MSRC) is actively monitoring the situation and so far the issue has impacted only an extremely limited number of people.

For more information, see Microsoft Releases Security Advisory 2757760.

Full-strength solution available soon

Within the next few days Microsoft will release an easy-to-use tool (called a “Fix it”) that you can download for free. When the Fix it is available, we will post the link to download it here on this blog. You will also find it on the MSRC blog.

For more information, see Additional information about Internet Explorer and Security Advisory 2757760.