Skip to main content

Exploit Mitigations

Microsoft mitigates Power Platform Custom Code information disclosure vulnerability

Friday, August 04, 2023

Summary Summary On 30 March 2023, Tenable informed Microsoft under Coordinated Vulnerability Disclosure (CVD) of a security issue concerning Power Platform Custom Connectors using Custom Code. This feature allows customers to write code for custom connectors. This issue has been fully addressed for all customers and no customer remediation action is required.

Solving Uninitialized Stack Memory on Windows

Wednesday, May 13, 2020

This blog post outlines the work that Microsoft is doing to eliminate uninitialized stack memory vulnerabilities from Windows and why we’re on this path. This blog post will be broken down into a few parts that folks can jump to: Uninitialized Memory Background Potential Solutions to Uninitialized Memory Vulnerabilities InitAll – Automatic Initialization Interesting Findings with InitAll Performance Optimizations Impact for Customers Forward Looking Plans None of this work would have been possible without close partnership between the Visual Studio organization, the Windows organization, and MSRC.