隣国のセキュリティ事案を教訓とするために
Thursday, March 28, 2013
隣国、韓国で 3 月 20 に起きたセキュリティ事案は、日本でも大きく取り上げられ注目されている。 この事案につ
Month Archives: March 2013
セキュリティ アドバイザリ 2819682「Microsoft Windows ストア アプリケーション用のセキュリティ更新プログラム」を公開
Tuesday, March 26, 2013
2013 年 3 月 27 日、セキュリティ アドバイザリ 2819682「Microsoft Windows ストア アプリケーション用の
2013 年 3 月のセキュリティ更新プログラムに関してリスクを評価する
Wednesday, March 20, 2013
本記事は、Security Research & Defense のブログ “Assessing risk for the March 2013 security updates” (2013 年 3 月 12 日
March 2013 Security Bulletin Webcast, Q&A, and Slide Deck
Friday, March 15, 2013
Today we’re publishing the March 2013 Security Bulletin Webcast Questions & Answers page. We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Internet Explorer (MS13-021), SharePoint (MS13-024) and the update for Kernel-Mode Drivers in MS13-027. There were six additional questions during the webcast that we were unable to answer on air, and we have also answered those on the Q&A page.
組織に対する標的型攻撃を緩和する
Wednesday, March 13, 2013
本記事は、Microsoft Trustworthy Computing のブログ “Mitigating Targeted Attacks on Your Organization” (2012 年
2013 年 3 月のセキュリティ情報 (月例) – MS13-021 ~ MS13-027
Tuesday, March 12, 2013
先週の事前通知でお知らせしましたとおり、新規セキュリティ情報 合計 7 件 (緊急 4 件、重要 3 件) を公開しま
2013 年 3 月のマイクロソフト ワンポイント セキュリティ ~ビデオで簡単
Tuesday, March 12, 2013
皆さん、こんにちは! 先ほど 12 月のマイクロソフト ワンポイント セキュリティ情報を公開しました。 本日 3 月 13
Assessing risk for the March 2013 security updates
Tuesday, March 12, 2013
Today we released seven security bulletins addressing 20 CVE’s. Four of the bulletins have a maximum severity rating of Critical, and three have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Index Likely first 30 days impact Platform mitigations and key notes MS13-021(Internet Explorer) Victim browses to a malicious webpage.
Evolving Response and the March 2013 Bulletin Release
Tuesday, March 12, 2013
As my career in security response has grown over the years, I am often reminded of the words of Italian author Giuseppe Tomasi Di Lampedusa, who stated, “If we want everything to remain as it is, it will be necessary for everything to change.” There are some things that we wish to stay the same.
MS13-027: Addressing an issue in the USB driver requiring physical access
Tuesday, March 12, 2013
Today we are addressing a vulnerability in the way that the Windows USB drivers handle USB descriptors when enumerating devices. (KB 2807986). This update represents an expansion of our risk assessment methodology to recognize vulnerabilities that may require physical access, but do not require a valid logon session. Windows typically discovers USB devices when they are inserted or when they change power sources (if they switch from plugged-in power to being powered off of the USB connection itself).