Month: April 2021

“BadAlloc” – Memory allocation vulnerabilities could affect wide range of IoT and OT devices in industrial, medical, and enterprise networks

MSRC / By / April 29, 2021

Microsoft’s Section 52, the Azure Defender for IoT security research group, recently uncovered a series of critical memory allocation vulnerabilities in IoT and OT devices that adversaries could exploit to bypass security controls in order to execute malicious code or cause a system crash. These remote code execution (RCE) vulnerabilities cover more than 25 CVEs …

“BadAlloc” – Memory allocation vulnerabilities could affect wide range of IoT and OT devices in industrial, medical, and enterprise networks Read More »

Congratulating Our Top MSRC 2021 Q1 Security Researchers!

MSRC / By / April 15, 2021

We’re excited to announce the top contributing researchers for the 2021 First Quarter (Q1)! Congratulations to all the researchers recognized in this quarter’s leaderboard and thank you to everyone who continues to help secure our customers and the ecosystem. The top three researchers of the 2021 Q1 Security Researcher Leaderboard are: Yuki Chen (4365 points), …

Congratulating Our Top MSRC 2021 Q1 Security Researchers! Read More »

April 2021 Update Tuesday packages now available

MSRC / By / August 27, 2021

Update August 25, 2021:Microsoft strongly recommends that you update your servers with the most recent security updates available. CVE-2021-34473 (ProxyShell) CVE-2021-34523 (ProxyShell) CVE-2021-33766 Today is Update Tuesday – our commitment to provide a predictable monthly schedule to release updates and provide the latest protection to our customers. Update Tuesday is a monthly cycle when Microsoft …

April 2021 Update Tuesday packages now available Read More »