Skip to main content
MSRC

2017

Announcing the Windows Bounty Program

Wednesday, July 26, 2017

Windows 10 represents the best and newest in our strong commitment to security with world-class mitigations. One of Microsoft’s longstanding strategies toward improving software security involves investing in defensive technologies that make it difficult and costly for attackers to find, exploit and leverage vulnerabilities. We built in mitigations and defenses such as DEP, ASLR, CFG, CIG, ACG, Device Guard, and Credential Guard to harden our systems and we continue adding defenses such as Windows Defender Application Guard to significantly increase protection to harden entry points while ensuring the customer experience is seamless.

Read More

EnglishmansDentist Exploit Analysis

Thursday, July 20, 2017

Introduction We are continuing our series of blog posts dissecting the exploits released by ShadowBrokers in April 2017. After the first two posts about the SMB exploits known as EternalChampion and EternalSynergy, we’ll move this time to analyze a different tool and we’ll focus on the exploit named EnglishmansDentist designed to target Exchange Server 2003.

Read More

Eternal Synergy Exploit Analysis

Thursday, July 13, 2017

Introduction Recently we announced a series of blog posts dissecting the exploits released by the ShadowBrokers in April 2017; specifically some of the less explored exploits. This week we are going to take a look at Eternal Synergy, an SMBv1 authenticated exploit. This one is particularly interesting because many of the exploitation steps are purely packet-based, as opposed to local shellcode execution.

Read More

[IT 管理者向け] TLS 1.2 への移行を推奨しています

Tuesday, July 11, 2017

こんにちは、垣内由梨香です

データを暗号化し安全にやり取りを行う Transport Layer Security (TLS)。TLS は利用しているが、詳細なバージョンまでは把握してない、そんな方も多いのではないでしょうか?暗号プロトコルは「使ってさえいれば安全」ではありません。現在の脅威に対応できるバージョンのみを利用しリスクを下げることが重要です。

マイクロソフトでは、より安全な TLS 1.2 へ移行していくことを推奨しています。

[2020/9/7 追記] 各製品、サービスにおける TLS 1.0/1.1 の廃止予定については、次の情報を参考にしてください。 TLS 1.0 and 1.1 deprecation https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/tls-1-0-and-1-1-deprecation/ba-p/1620264

Read More

July 2017 security update release

Tuesday, July 11, 2017

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found on the Security Update Guide.

Read More

Petya ランサムウェア攻撃に対する Windows 10 プラットフォームのレジリエンス

Monday, July 10, 2017

本記事は、MMPC のブログ “Windows 10 platform resilience against the Petya ransomware attack” (2017 年 6 月 29 日 米国時間公開) の一

Read More

Eternal Champion Exploit Analysis

Thursday, June 29, 2017

Recently, a group named the ShadowBrokers published several remote server exploits targeting various protocols on older versions of Windows. In this post we are going to look at the EternalChampion exploit in detail to see what vulnerabilities it exploited, how it exploited them, and how the latest mitigations in Windows 10 break the exploit as-written.

Read More