Attack | Microsoft Security Response Center

Know thy Enemy

Friday, November 06, 2009

I recently attended BlueHat for the second time and spoke about the SMS vulnerabilities Collin Mulliner and I discovered and exploited this summer. BlueHat is an interesting speaking venue because the audience consists entirely of Microsoft employees. Some people might think security researchers speaking at Microsoft is like speaking before the enemy, but that is not the case (an actual example of that would have been when I talked about exploit sales at CERT a few years ago).

Attacking SMS

Monday, October 19, 2009

This year at BlackHat USA in Las Vegas, we presented on the topic of attacking Short Message Service (SMS). Our presentation focused on the different ways in which SMS can be used to compromise mobile security. We’re excited to give an updated version of our talk at the upcoming BlueHat v9 conference later this month, and thought the BlueHat blog readers who will not be able to attend might enjoy an overview of some key material from the presentation.

Collaborating on RIA Security

Tuesday, October 06, 2009

Microsoft and Adobe frequently work together on security. At this year’s BlueHat, we will come together to share our security research in the area of Rich Internet Applications (RIAs). While we independently place considerable thought and effort into our respective security models, attackers often look for methods in which to combine technologies for an attack.

Announcing BlueHat v9: Through the Looking Glass

Sunday, September 13, 2009

Handle: C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! BlueHat v9 will take place from October 21 to 23 at the Microsoft campus in Redmond. Last year, we experimented with a day dedicated to attacks and a day dedicated to SDL security mitigations.

August 2009 Bulletin Release

Tuesday, August 11, 2009

Summary of Microsoft’s Security Bulletin Release for August 2009 Hi everyone, This month, we released nine security bulletins. Five of those are rated Critical and four have an aggregate severity rating of Important. Of the nine updates, eight affect Windows and the last one affects Office Web Components (OWC). It is also important to note that five of the six critical updates also have an Exploitability Index rating of “1” which means that we could expect there to be consistent, reliable code in the wild seeking to exploit one or more of these vulnerabilities within the first 30 days from release.

心の会合: The Gathering

Friday, July 17, 2009

Handle: Cap’n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run Konnichiwa! I guess you are wondering

New vulnerability in MPEG2TuneRequest ActiveX Control Object in msvidctl.dll

Monday, July 06, 2009

We are aware of active attacks exploiting a remote code execution vulnerability in Microsoft’s MPEG2TuneRequest ActiveX Control Object. We have released advisory 972890 providing guidance to help our customers stay protected. In this blog post, we’d like to go into more detail to help you understand this issue. What’s the attack vector?

Securing our Legacy

Friday, June 19, 2009

Hi, this is Scott Stender from iSEC Partners. I recently had the privilege of speaking at Microsoft’s BlueHat event in Brussels on the topic of securing legacy systems. With all of the recent coverage on the need to secure our networked systems – national, corporate, and individual alike – I felt that the BlueHat event was a good time to shine the spotlight on those little-loved, perhaps little-known systems that keep our plugged-in society working.

A Brussels retrospective from Oahu

Thursday, June 11, 2009

** Handle:** Security Blanki IRL: Sarah Blankinship Rank: Senior Security Strategist Lead Likes: Vuln wrangling, teams of rivals, global climate change - the hotter the better Dislikes: Slack jawed gawkers (girls are geeks too!), customers @ risk, egos Aloha from the Shakacon III, a security conference held each year in lovely Honolulu, Hawaii!

Announcing the BlueHat Security Forum: EU Edition

Tuesday, June 02, 2009

Handle: C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! Hey folks! I know this is typically the time of year when birds are chirping, the rain is _supposed _to be letting up, and those of you in the BlueHat network who are normally invited to attend the Spring BlueHat conference are asking yourselves, “Why did MSRC start doing the con only once a year?