August 2021 – Microsoft Security Response Center

Update on the vulnerability in the Azure Cosmos DB Jupyter Notebook Feature

MSRC / By MSRC Team / August 27, 2021 September 1, 2021

On August 12, 2021, a security researcher reported a vulnerability in the Azure Cosmos DB Jupyter Notebook feature that could potentially allow a user to gain access to another customer’s resources by using the account’s primary read-write key. We mitigated the vulnerability immediately. Our investigation indicates that no customer data was accessed because of this …

Update on the vulnerability in the Azure Cosmos DB Jupyter Notebook Feature Read More »

Announcing the Launch of the Azure SSRF Security Research Challenge

MSRC / By MSRC Team / August 19, 2021 August 19, 2021

Microsoft is excited to announce the launch of a new, three-month security research challenge under the Azure Security Lab initiative. The Azure Server-Side Request Forgery (SSRF) Research Challenge invites security researchers to discover and share high impact SSRF vulnerabilities in Microsoft Azure. Qualified submissions are eligible for bounty rewards up to $60,000 USD, with additional …

Announcing the Launch of the Azure SSRF Security Research Challenge Read More »

Point and Print の既定動作の変更

Japan Security Team / By jsecteam / August 10, 2021 August 10, 2021

“PrintNightmare” と総称されるいくつかの脆弱性を調査した結果、Point and Print の既定の動作は、潜在的な攻撃から保護するために必要なセキュリティレベルを確保できないことが分かりました。今月、Point and Print ドライバーのインストールとアップデートの既定の動作に管理者特権を必要とするように変更することで、このリスクに対処しています。

2021 年 8 月のセキュリティ更新プログラム (月例)

Japan Security Team / By jsecteam / August 10, 2021 August 10, 2021

2021 年 8 月 11 日 (日本時間)、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しました。

Point and Print Default Behavior Change

MSRC / By MSRC Team / August 10, 2021 August 10, 2021

Our investigation into several vulnerabilities collectively referred to as “PrintNightmare” has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks. Today, we are addressing this risk by changing the default Point and Print driver installation and update behavior to require …

Point and Print Default Behavior Change Read More »

Microsoft ファミリーセーフティで家族の安全を見守ろう

Japan Security Team / By jsecteam / August 9, 2021 August 9, 2021

ご家庭でPCやタブレットの安全な使い方を話し合いながら設定できる、「Microsoft ファミリーセーフティで家族の安全を見守ろう～家庭で利用するPC・タブレットの設定ガイド～ (PDF ファイル)」を公開しました。

2021 年 MSRC 最優秀セキュリティ研究者の表彰

Japan Security Team / By jsecteam / August 4, 2021 August 4, 2021

MSRC 研究者表彰プログラムは、協調的な脆弱性の公開に基づくセキュリティの脆弱性の発見と共有を通じてお客様を保護するすることに貢献してくれた研究者に、感謝の意と謝辞を公表します。本日は、各レポートの Impact (影響)、Accuracy (正確性)、Volume (量) に基づいた、今年の最優秀セキュリティ研究者 (MVRs) を表彰します。

Congratulations to the MSRC 2021 Most Valuable Security Researchers!

MSRC / By Lynn Miyashita / August 4, 2021 August 4, 2021

The MSRC Researcher Recognition Program offers public thanks and acknowledgement to the researchers who help protect customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s Most Valuable Security Researchers (MVRs) based on the impact, accuracy, and volume of their reports. Congratulations to each of our MSRC …

Congratulations to the MSRC 2021 Most Valuable Security Researchers! Read More »

Month: August 2021