Month Archives: August 2021

Update on the vulnerability in the Azure Cosmos DB Jupyter Notebook Feature

Friday, August 27, 2021

On August 12, 2021, a security researcher reported a vulnerability in the Azure Cosmos DB Jupyter Notebook feature that could potentially allow a user to gain access to another customer’s resources by using the account’s primary read-write key. We mitigated the vulnerability immediately. Our investigation indicates that no customer data was accessed because of this vulnerability by third parties or security researchers.

• Azure

Announcing the Launch of the Azure SSRF Security Research Challenge

Thursday, August 19, 2021

Microsoft is excited to announce the launch of a new, three-month security research challenge under the Azure Security Lab initiative. The Azure Server-Side Request Forgery (SSRF) Research Challenge invites security researchers to discover and share high impact SSRF vulnerabilities in Microsoft Azure. Qualified submissions are eligible for bounty rewards up to $60,000 USD, with additional awards for identifying innovative or novel attack patterns.

• Azure
• Azure Security Lab
• Bounty
• Community-based Defense
• Coordinated Vulnerability Disclosure
• Security
• Security Research

2021 年 8 月のセキュリティ更新プログラム (月例)

Tuesday, August 10, 2021

2021 年 8 月 11 日 (日本時間)、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし

• アドバイザリ
• セキュリティ情報
• セキュリティ更新
• 脆弱性

Point and Print Default Behavior Change

Tuesday, August 10, 2021

Our investigation into several vulnerabilities collectively referred to as “PrintNightmare” has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks. Today, we are addressing this risk by changing the default Point and Print driver installation and update behavior to require administrator privileges.

Point and Print の既定動作の変更

Tuesday, August 10, 2021

本記事は「Point and Print Default Behavior Change」の日本語抄訳です。 “PrintNightmare” と総称されるいくつかの脆弱性を調査した

• CVE-2021-34481
• Point and Print
• セキュリティ情報

Microsoft ファミリーセーフティで家族の安全を見守ろう

Monday, August 09, 2021

～家庭で利用する PC・タブレットの設定ガイド～ ご家庭で PC やタブレットの安全な使い方を話し合いながら設

• セキュリティ情報
• ファミリーセーフティ

2021 年 MSRC 最優秀セキュリティ研究者の表彰

Thursday, August 05, 2021

本記事は「Congratulations to the MSRC 2021 Most Valuable Security Researchers!」の日本語抄訳です。 MSRC

• Community-based Defense
• Coordinated Vulnerability Disclosure
• Researcher Recognition
• Security Researcher

Congratulations to the MSRC 2021 Most Valuable Security Researchers!

Wednesday, August 04, 2021

The MSRC Researcher Recognition Program offers public thanks and acknowledgement to the researchers who help protect customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s Most Valuable Security Researchers (MVRs) based on the impact, accuracy,

• Community-based Defense
• Coordinated Vulnerability Disclosure
• Researcher Recognition
• Security Researcher