マイクロソフト サイバーセキュリティ レポート: 最も注意が必要なエンタープライズの脅威 トップ 10
Wednesday, March 26, 2014
本記事は、 Microsoft Security のブログ “ Microsoft Cybersecurity Report: Top 10 Most Wanted Enterprise Threats ” (2013 年 11 月 26 日公開 ) を翻訳した記事です。 長年にわたる海外出
Month Archives: March 2014
Microsoft Releases Security Advisory 2953095
Monday, March 24, 2014
Today we released Security Advisory 2953095 to notify customers of a vulnerability in Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. An attacker could cause remote code execution if someone was convinced to open a specially crafted Rich Text Format (RTF) file or a specially crafted mail in Microsoft Outlook while using Microsoft Word as the email viewer.
Security Advisory 2953095: recommendation to stay protected and for detections
Monday, March 24, 2014
Today, Microsoft released Security Advisory 2953095 to notify customers of a vulnerability in Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. This blog will discuss mitigations and temporary defensive strategies that will help customers to protect themselves while we are working on a security update.
セキュリティ アドバイザリ 2953095「Microsoft Word の脆弱性により、リモートでコードが実行される」を公開
Monday, March 24, 2014
2014/03/25 16:45 更新: 回避策 ④ EMET を導入するの記載を更新し、Mandatory ASLR および anti-ROP features のいずれかで阻止できるこ
証明書更新機能の進化と Windows XP サポート終了後のリスク
Wednesday, March 19, 2014
こんにちは、村木ゆりかです。 マイクロソフトでは、Windows において信頼するルート証明書を管理する
March 2014 Security Bulletin Webcast and Q&A
Monday, March 17, 2014
Today we published the March 2014 Security Bulletin Webcast Questions & Answers page. We answered eight questions in total, with the majority focusing on the updates for Windows (MS14-016) and Internet Explorer (MS14-012). One question that was not answered on air has been included on the Q&A page. Here is the video replay.
ランサムウェア: 自身とビジネスを守る方法
Sunday, March 16, 2014
本記事は、 Trustworthy Computing のブログ “ Ransomware: Ways to Protect Yourself & Your Business ” (2013 年 11 月 19 日公開 ) を翻訳した記事です。 Trustworthy Computing (信頼できるコン
When ASLR makes the difference
Wednesday, March 12, 2014
We wrote several times in this blog about the importance of enabling Address Space Layout Randomization mitigation (ASLR) in modern software because it’s a very important defense mechanism that can increase the cost of writing exploits for attackers and in some cases prevent reliable exploitation. In today’s blog, we’ll go through ASLR one more time to show in practice how it can be valuable to mitigate two real exploits seen in the wild and to suggest solutions for programs not equipped with ASLR yet.
2014 年 3 月のセキュリティ情報 (月例) - MS14-012 ~ MS14-016
Tuesday, March 11, 2014
2014 年 3 月 12 日 (日本時間)、マイクロソフトは計 5 件 (緊急 2 件、重要 3 件) の新規セキュリティ情報を公開し
2014 年 3 月のセキュリティ更新プログラムのリスク評価
Tuesday, March 11, 2014
本記事は、Security Research & Defense のブログ “ Assessing risk for the March 2014 security updates ” (2014 年 3 月 11 日公開) を翻訳した記事です。 本