MSRC

Microsoft Announces Top Contributing Partners in the Microsoft Active Protections Program (MAPP)

Thursday, July 25, 2019

Today we announce the top organizational candidates for Vulnerability Top Contributors, Threat Indicator Top Submitters, and Zero-Day Top Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through cooperation and collaboration with industry leading partners. This bi-directional sharing program of threat and vulnerability data has proven instrumental to help prevent broad attacks and quickly resolve security vulnerabilities in Microsoft products and services.

• BlackHat
• Community-based Defense
• MAPP
• Security Ecosystem

Announcing the Microsoft Dynamics 365 Bounty program

Wednesday, July 17, 2019

One of Microsoft’s many security investments to protect customers is in the partnerships we build with the external security research community. We are excited to announce the launch of theDynamics 365 Bounty program and welcome researchers to seek out and disclose any high impact vulnerabilities they may find in Dynamics 365.

• Bounty
• Community-based Defense
• Microsoft Dynamics
• Security Research

July 2019 Security Update Release

Tuesday, July 09, 2019

We have released the July security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide.

• Security Update
• UpdateTuesday

Inside the MSRC – Building your own security incident response process

Monday, July 01, 2019

This is the third and last in a series of posts that looks at how Microsoft responds to elevated threats to customers through the Microsoft Security Response Center’s (MSRC) Software and Services Incident Response Plan (SSIRP). Our previous posts discussed how Microsoft protects customers against elevated threats and the anatomy of a SSIRP incident.

• Defender
• Post incident review
• SSIRP

Inside the MSRC – Anatomy of a SSIRP incident

Thursday, June 27, 2019

This is the second in a series of blog posts that shares how the MSRC responds to elevated threats to customers through the Software and Services Incident Response Plan (SSIRP). In ourlast blog post, we looked at the history of the Microsoft Security Response Center and SSIRP, and how Microsoft takes a holistic view to helping to protect and defend customers.

• Post incident review
• Runc
• SSIRP
• Update Tuesday

Inside the MSRC – Customer-centric incident response

Tuesday, June 25, 2019

The Microsoft Security Response Center (MSRC) is an integral part of Microsoft’s Cyber Defense Operations Center (CDOC) that brings together security response experts from across the company to help protect, detect, and respond to threats in real-time. Staffed with dedicated teams 24x7, the CDOC has direct access to thousands of security professionals, data scientists, and product engineers throughout Microsoft to ensure rapid response and resolution to security threats.

• Community-based Defense
• CVD
• Microsoft Active Protections Program (MAPP)
• Security Development Lifecycle (SDL)
• SSIRP

Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149)

Thursday, June 13, 2019

This week, MSRC confirmed the presence of an active Linux worm leveraging a critical Remote Code Execution (RCE) vulnerability, CVE-2019-10149, in Linux Exim email servers running Exim version 4.87 to 4.91. Microsoft Azure infrastructure and Services are not affected; only customer’s Linux IaaS instances running a vulnerable version of Exim are affected.

• Linux
• Patch
• Update
• Vulnerability
• Worm

June 2019 security update release

Tuesday, June 11, 2019

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide.

A Reminder to Update Your Systems to Prevent a Worm

Friday, May 31, 2019

On May 14, Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. In our previous blog post on this topic we warned that the vulnerability is ‘wormable’, and that future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.

BlueHat Shanghai 2019: Amplifying the power of defensive partnerships around the world

Friday, May 31, 2019

Earlier this week BlueHat Shanghai brought together security researchers and hundreds of cybersecurity professionals from China and across Asia to explore the latest topics in cybersecurity research. Including presentations from Qihoo 360, Baidu, Alibaba and the Chinese Academy of Sciences, BlueHat Shanghai highlighted incredibly talented Chinese researchers and focused on cutting edge topics including container and IoT security.