MSRC

Introducing Bounty Awards for Teams Desktop Client Security Research

Wednesday, March 24, 2021

Partnering with the security research community is an important part of Microsoft’s holistic approach to defending against security threats. As much of the world has shifted to working from home in the last year, Microsoft Teams has enabled people to stay connected, organized, and collaborate remotely. Microsoft and security researchers across the planet continue to partner to help secure customers and the technologies we use for remote collaboration.

• Bounty
• Community-based Defense
• Security
• Security Research

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

Tuesday, March 16, 2021

This guidance will help customers address threats taking advantage of the recently disclosed Microsoft Exchange Server on-premises vulnerabilities CVE-2021-26855, CVE-2021-26858, CVE-2021-26857, and CVE-2021-27065, which are being exploited. We strongly urge customers to immediately update systems. Failing to address these vulnerabilities can result in compromise of your on-premises Exchange Server and, potentially, other parts of your internal network.

One-Click Microsoft Exchange On-Premises Mitigation Tool - March 2021

Monday, March 15, 2021

We have been actively working with customers through our customer support teams, third-party hosters, and partner network to help them secure their environments and respond to associated threats from the recent Exchange Server on-premises attacks. Based on these engagements we realized that there was a need for a simple, easy to use, automated solution that would meet the needs of customers using both current and out-of-support versions of on-premises Exchange Server.

• CVE-2021-26855
• CVE-2021-26857
• CVE-2021-26858
• CVE-2021-27065
• Partial mitigations

Microsoft Exchange Server Vulnerabilities Mitigations - updated March 15, 2021

Friday, March 05, 2021

Update March 15, 2021: If you have not yet patched, and have not applied the mitigations referenced below, a one-click tool, the Exchange On-premises Mitigation Tool is now our recommended path to mitigate until you can patch. Microsoft previously blogged our strong recommendation that customers upgrade their on-premises Exchange environments to the latest supported version.

• CVE-2021-26855
• CVE-2021-26857
• CVE-2021-26858
• CVE-2021-27065
• Partial mitigations

A new experience for reporting copyright or trademark infringement on Microsoft Services

Wednesday, March 03, 2021

The Notice of Copyright or Trademark Infringement Portal has helped protect Microsoft’s users and customers from intellectual property infringement across online services like Microsoft Azure, Office, Outlook, Skype, Stream, Microsoft News, Sway, Hotmail, NuGet, and Yammer. Microsoft’s response to claims of intellectual property infringement is driven by the reports you send us.

• Azure
• Infringement
• Microsoft News
• Microsoft Online Services
• NuGet
• Office
• Outlook
• Skype
• Stream
• Sway
• Yammer

On-Premises Exchange Server Vulnerabilities Resource Center - updated March 25, 2021

Tuesday, March 02, 2021

On March 2nd, we released several security updates for Microsoft Exchange Server to address vulnerabilities that are being used in ongoing attacks. Due to the critical nature of these vulnerabilities, we recommend that customers protect their organizations by applying the patches immediately to affected systems. The vulnerabilities affect Exchange Server versions 2013, 2016, and 2019, while Exchange Server 2010 is also being updated for defense-in-depth purposes.

Microsoft Internal Solorigate Investigation - Final Update

Thursday, February 18, 2021

We believe the Solorigate incident is an opportunity to work with the community, to share information, strengthen defenses and respond to attacks. We have now completed our internal investigation into the activity of the actor and want to share our findings, which confirm that we found no evidence of access to production services or customer data.

MSRC Security Researcher Recognition: 2021

Wednesday, February 10, 2021

Wondering how to get into the 2021 MSRC Most Valuable Security Researcher list and get recognized during the Black Hat USA this August? Read on to learn more about the different paths you can take to get into the top researcher tiers. The MSRC Most Valuable Security Researcher (MVR) and MSRC Contributor are tiers in the Researcher Recognition Program which annually recognize researchers for impactful contributions, considering report impact, accuracy and volume.

• Community-based Defense
• Coordinated Vulnerability Disclosure
• Researcher Recognition
• Security Researcher

Continuing to Listen: Good News about the Security Update Guide API!

Tuesday, February 09, 2021

Based on user feedback we have simplified programmatic access to the security update data by removing the authentication and API-Key requirements when using the CVRF API. You will no longer have to log in to obtain a personal API key to access the data. We’re happy to make this valuable public information more freely available and accessible.

• Security Update Guide

Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086

Tuesday, February 09, 2021

Today Microsoft released a set of fixes affecting Windows TCP/IP implementation that include two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an Important Denial of Service (DoS) vulnerability (CVE-2021-24086). The two RCE vulnerabilities are complex which make it difficult to create functional exploits, so they are not likely in the short term.

• Exploitability
• Network protocol
• Risk Assessment
• Update Tuesday