detection

Windows Defender Advanced Threat Protection の機械学習: 未知の侵入アクティビティの検出

マイクロソフトは積極的に次世代のセキュリティ テクノロジに投資しており、マイクロソフトが誇る膨大なデータ セットを集約する能力を使用し、そのデータから学習するインテリジェントなシステムを構築しています。機械学習 (ML) システムでは、日々の膨大な数のイベントに潜む脅威や、従来のセンサーでは反応しない未知の小さな異常を見つけ出すことができます。

Defending against CVE-2015-1769: a logical issue exploited via a malicious USB stick

Introduction Today Microsoft released update MS15-085 to address CVE-2015-1769, an important severity security issue in Mount Manager. It affects both client and server versions, from Windows Vista to Windows 10. The goal of this blog post is to provide information on the detection guidance to help defenders detect attempts to exploit this issue.   Detection …

Defending against CVE-2015-1769: a logical issue exploited via a malicious USB stick Read More »

New vulnerability affecting Internet Explorer 8 users

Today, the MSRC released Security Advisory 2794220 alerting customers to limited, targeted attacks affecting customers using Internet Explorer 6, 7, and 8. Internet Explorer 9 and Internet Explorer 10 users are safe. More information about the vulnerability and exploit In this particular vulnerability, IE attempts to reference and use an object that had previously been …

New vulnerability affecting Internet Explorer 8 users Read More »

ASP.NET security update is live!

Today we released MS11-100, addressing a newly disclosed denial-of-service vulnerability affecting several vendors’ Web application platforms, including Microsoft’s ASP.NET. Yesterday, we posted an SRD blog describing the vulnerability and the detection and workaround opportunities. With this blog post, we’d like to update you on the following topics: Why is this bulletin rated “Critical” for a …

ASP.NET security update is live! Read More »

More information about the December 2011 ASP.Net vulnerability

Today, we released Security Advisory 2659883 alerting customers to a newly disclosed denial-of-service vulnerability affecting several vendors’ web application platforms, including Microsoft’s ASP.NET. This blog post will cover the following: Impact of the vulnerability How to know if your configuration is vulnerable to denial-of-service How to detect the vulnerability being exploited at network layer How …

More information about the December 2011 ASP.Net vulnerability Read More »

OffVis updated, Office file format training video created

In July, we released a beta Office file format viewer application called OffVis as a downloadable tool. We are pleased today to announce an updated version of OffVis and a 30 minute training video to help you understand the legacy Office binary file format. OffVis 1.1 The community response to the release of the OffVis …

OffVis updated, Office file format training video created Read More »

New vulnerability in IIS5 and IIS6

This afternoon, the MSRC posted a security advisory describing a newly-disclosed vulnerability in the IIS FTP service that could potentially grant remote code execution to untrusted users. You can find the advisory here. Vulnerability summary The vulnerability is a stack overflow in the FTP service when listing a long, specially-crafted directory name. To be vulnerable, …

New vulnerability in IIS5 and IIS6 Read More »