2013

長期休暇の前にセキュリティ対策を！

Thursday, July 25, 2013

今年は梅雨が例年より早く終わって、急激に暑くなり早くも真夏の様相を呈していましたが、今週になってまた

Read More

• 啓発
• 基本

Preparing for Live Pwnage: Mitigation Bypass Bounty Machine Specs for Black Hat

Wednesday, July 24, 2013

With about one week to go before we all gather at Black Hat in Las Vegas, we’re getting inquiries about precisely how the promised Live Mitigation Bypass Bounty judging at Black Hat will work. For most of the world, it works best when you get a good spot at the Microsoft booth (#301) around noon each day, so you can clearly see the excitement as some of security’s best and brightest look to pop built-in Windows 8.

Read More

• Black Hat
• Bounty
• Bountyprograms
• Security Conference Engagement
• Security Ecosystem

Attention Bounty Hunters – The Ramp Up to Black Hat

Wednesday, July 17, 2013

We’re three weeks into our new world of bounties for Microsoft products now, and as the clock ticks down on one program, we’re prepping for some live excitement with one of the others. First, the Internet Explorer 11 Preview Bounty is entering its final 10 days; the bounty period for that program closes on the 26th of July.

Read More

• BlueHat Prize
• Bounty
• Bountyprograms
• Security Research
• Zero-Day Exploit

July 2013 Security Bulletin Webcast, Q&A, and Slide Deck

Friday, July 12, 2013

Today we’re publishing the July 2013 Security Bulletin Webcast Questions & Answers page. During the webcast, we fielded 10 questions covering all updates. All questions are included on the Q&A page. We invite our customers to join us for the next scheduled webcast on Wednesday, August 14th at 11 a.m. PT (UTC -8), when we will go into detail about the August 2013 bulletin release and answer questions live on the air.

Read More

• Security
• Security Bulletin
• Security bulletin release
• Security Bulletin Webcast
• Security Bulletins
• Security Update
• Security Update Webcast
• Security Update Webcast Q & A

ストア アプリに対する新しいポリシーを発表

Thursday, July 11, 2013

Microsoft Security Response Center のブログをチェックしている方は、既にご存知かもしれませんが、マイクロソフトは、Windows

Read More

• ストア アプリ
• ポリシー

2013 年 7 月のセキュリティ更新プログラムに関してリスクを評価する

Wednesday, July 10, 2013

本記事は、Security Research & Defense のブログ “ Assessing risk for the July 2013 security updates ” (2013 年 7 月 10 日公開) を翻訳した記事です。 本

Read More

• セキュリティ情報
• リスク評価

Filling A Gap In the Vulnerability Market – First Bounty Notification

Wednesday, July 10, 2013

When Microsoft decided to offer not one but three new bounties, paying outside researchers directly for security research on some of our latest products, we put a lot of thought into developing those bounty programs. We developed a customized set of programs designed to create a win-win between the security researcher community and Microsoft’s customers, by focusing on key data about what researchers were doing with vulnerabilities they found in our products.

Read More

• BlueHat Prize
• Bounty
• Bountyprograms
• Internet Explorer (IE)
• Microsoft Windows
• Responsible Disclosure
• Security Research
• Zero-Day Exploit

Running in the wild, not for so long

Wednesday, July 10, 2013

Over the weekend we received a report from our partners about a possible unpatched Internet Explorer vulnerability being exploited in the wild. The exploit code uses a memory corruption bug triggered from a webpage but it deeply leverages a Flash SWF file in order to achieve reliable exploitation and code execution.

Read More

• Attack
• Detection
• EMET
• Exploitation
• Internet Explorer (IE)
• Workarounds
• Zero-Day Exploit

2013 年 7 月のセキュリティ情報 (月例) – MS13-052 ～ MS13-058

Tuesday, July 09, 2013

先週の事前通知でお知らせしましたとおり、新規セキュリティ情報 合計 7 件 (緊急 6 件、重要 1 件) を公開しま

Read More

• アドバイザリ
• セキュリティ情報

2013 年 7 月のマイクロソフト ワンポイント セキュリティ ～ビデオで簡単に解説 ～

Tuesday, July 09, 2013

皆さん、こんにちは！ 先ほど 7 月のマイクロソフト ワンポイント セキュリティ情報を公開しました。 本日 7 月 10

Read More

• セキュリティ情報
• ビデオ
• ワンポイント