Wednesday, May 28, 2014
Microsoft is committed to promoting a safer, more trusted Internet and providing monthly security updates is one of the ways our customers keep their devices and connections to the Internet more secure. Packaging updates together into a monthly bulletin cycle stems from customer feedback and offers a predictable way to help protect them against newly discovered threats.
Tuesday, May 27, 2014
こんにちは、村木ゆりかです。 これまで何度か取り上げてきました信頼できる証明書や公開鍵基盤 (PKI) について、
Wednesday, May 21, 2014
本記事は、 Trustworthy Computing\ のブログ “Enabling trust in the cloud ”(2013 年\ 12 月 *2 日公開) を翻訳した記事です。 Trustworthy
Friday, May 16, 2014
Today we published the May 2014 Security Bulletin Webcast Questions & Answers page. We answered 17 questions in total, with the majority focusing on the update for SharePoint (MS14-022), Group Policy (MS14-025) and Internet Explorer (MS14-029). Here is the video replay: We invite you to join us for the next scheduled webcast on Wednesday, June 11, 2014, at 11 a.
Tuesday, May 13, 2014
2014/5/14 13:00 記載: セキュリティ情報 MS14-029内のダウンロードリンクからセキュリティ更新プログラムをダウ
Tuesday, May 13, 2014
本記事は、Security Research & Defense のブログ “ Assessing risk for the May 2014 security updates ” (2014 年 5 月 13 日公開) を翻訳した記事です。 本
Tuesday, May 13, 2014
皆さん、こんにちは! 先ほど 5 月のマイクロソフト ワンポイント セキュリティ情報を公開しました。 本日 5 月 14
Tuesday, May 13, 2014
Today we released eight security bulletins addressing 13 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other six have a maximum severity rating of Important. The table is designed to help you prioritize the deployment of updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max exploit-ability Likely first 30 days impact Platform mitigations and key notes MS14-029(Internet Explorer) Victim browses to a malicious webpage.
Tuesday, May 13, 2014
Dynamically loading libraries in an application can lead to vulnerabilities if not secured properly. In this blog post we talk about loading a library using LoadLibraryEx() API and make use of options to make it safe. Know the defaults: The library file name passed to LoadLibrary() / LoadLibraryEx() call need not contain an extension.
Tuesday, May 13, 2014
Today, we released an update to address a vulnerability in Group Policy Preferences (MS14-025). Group Policy Preferences was an addition made to Group Policy to extend its capabilities. Among other things, Group Policy Preferences allows an administrator to configure: Local administrator accounts (name of the account, account password, etc) Configure a service or scheduled task (allowed to specify alternate credentials to run as) Mount network drives when a user logs in (allowed to specify alternate credentials to connect with) Group Policy Preferences are distributed just like normal group policy: An XML file containing the settings is written to the SYSVOL share of the domain controllers, and computers periodically query the SYSVOL share (authenticating to it using their computer account) for updates to the group policy.
