Skip to main content
MSRC

2023

Microsoft addresses App Installer abuse

Thursday, December 28, 2023

28 October 2024 Update Microsoft disabled the ms-appinstaller URI scheme handler by default in App Installer on 28 December 2023 as a security response to protect customers from attackers’ evolving techniques against previous safeguards for CVE-2021-43890. Microsoft is pleased to announce that we have introduced new safeguards to the ms-appinstaller URI scheme handler by default in version 1.

Read More

Azure Serial Console Attack and Defense - Part 2

Tuesday, December 19, 2023

This is the second installment of the Azure Serial Console blog, which provides insights to improve defenders’ preparedness when investigating Azure Serial Console activity on Azure Linux virtual machines. While the first blog post discussed various tracing activities, such as using Azure activity and Sysmon logs on Windows virtual machines to trace serial console activity, this blog outlines how to enable logging for Azure Linux virtual machines using Sysmon for Linux to capture and how to send these events to a log analytics workspace.

Read More

Introducing the Microsoft Defender Bounty Program

Tuesday, November 21, 2023

We are excited to announce the new Microsoft Defender Bounty Program with awards of up to $20,000 USD. The Microsoft Defender brand encompasses a variety of products and services designed to enhance the security of the Microsoft customer experience. The Microsoft Defender Bounty Program invites researchers across the globe to identify vulnerabilities in Defender products and services and share them with our team.

Read More

Celebrating ten years of the Microsoft Bug Bounty program and more than $60M awarded

Monday, November 20, 2023

This year marks the tenth anniversary of the Microsoft Bug Bounty Program, an essential part of our proactive strategy to protect customers from security threats. Since its inception in 2013, Microsoft has awarded more than $60 million to thousands of security researchers from 70 countries. These individuals have discovered and reported vulnerabilities under Coordinated Vulnerability Disclosure, aiding Microsoft in navigating the continuously evolving security threat landscape and emerging technologies.

Read More

Reflecting on 20 years of Patch Tuesday

Friday, November 17, 2023

This year is a landmark moment for Microsoft as we observe the 20th anniversary of Patch Tuesday updates, an initiative that has become a cornerstone of the IT world’s approach to cybersecurity. Originating from the Trustworthy Computing memo by Bill Gates in 2002, our unwavering commitment to protecting customers continues to this day and is reflected in Microsoft’s Secure Future Initiative announced this month.

Read More