May You Live in Interesting Times
Handle:StoneZ IRL: Adrian Stone Rank: Senior Security Program Manager Lead Likes: Predictive Analytics, Game Theory, Databases, Sports Cars, NFL Football, Direct People Dislikes: Losing, Liars, Posers,...
View ArticleInternet troubles in Korea? E-call center 118 is there to help.
Handle:Cluster IRL: Maarten Van Horenbeeck Rank: Senior Program Manager Likes: Slicing covert channels, foraging in remote memory pools, and setting off page faults Dislikes: The crackling sound of...
View ArticleGetting Into Information Security Intelligence Gathering: A BlueHat v10...
Ian:Having a mild case of “professional ADHD” is probably what got me started on this whole “cyber” thing. Having done research, development, integration and consulting in the past, I was starting to...
View ArticleMS12-060: Addressing a vulnerability in MSCOMCTL.OCX’s TabStrip control
Today we released MS12-060, addressing a potential remote code execution vulnerability in MSCOMCTL.OCX, the binary included with a number of Microsoft products to provide a set of common ActiveX...
View ArticleMore information on Security Advisory 2757760’s Fix It
Today, we revised Security Advisory 2757760 with two new pieces of information: A Fix It solution is available to address the vulnerability via an app-compat shim The comprehensive security update will...
View ArticleNew vulnerability affecting Internet Explorer 8 users
Today, the MSRC released Security Advisory 2794220 alerting customers to limited, targeted attacks affecting customers using Internet Explorer 6, 7, and 8. Internet Explorer 9 and Internet Explorer 10...
View ArticleMS13-051: Get Out of My Office!
MS13-051 addresses a security vulnerability in Microsoft Office 2003 and Office for Mac. Newer versions of Microsoft Office for Windows are not affected by this vulnerability, but the newest version of...
View ArticleRunning in the wild, not for so long
Over the weekend we received a report from our partners about a possible unpatched Internet Explorer vulnerability being exploited in the wild. The exploit code uses a memory corruption bug triggered...
View ArticleMicrosoft Releases Security Advisory 2914486
Today we released Security Advisory 2914486 regarding a local elevation of privilege (EoP) issue that affects customers using Microsoft Windows XP and Server 2003. Windows Vista and later are not...
View ArticleFix it tool available to block Internet Explorer attacks leveraging...
Today, we released Security Advisory 2934088 to provide guidance to customers concerned about a new vulnerability found in Internet Explorer versions 9 and 10. This vulnerability has been exploited in...
View ArticleNew Research Paper: Pre-hijacking Attacks on Web User Accounts
In 2020, MSRC awarded two Identity Project Research Grants to support external researchers working to further strengthen the security of identity protocols and systems. Today we are pleased to release...
View ArticleAnnouncing the Microsoft Machine Learning Membership Inference Competition...
We’re excited to announce the launch of a new competition focusing on the security and privacy of machine learning (ML) systems. Machine learning has already become a key enabler in many products and...
View Article
