[IT管理者向け] 脆弱性の悪用のしやすさを知る~悪用可能性指標と緩和策
マイクロソフトでは毎月第二火曜日 (米国時間) に定例のセキュリティ更新プログラムを公開し、修正した脆弱性の概要を Security Update Guide ポータルサイトで公開しています。
Exploitability Index
August 2013 Security Bulletin Webcast, Q&A, and Slide Deck
Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page. We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server (MS13-061) and Windows Kernel (MS13-063). There were 3 additional questions during the webcast that we were unable to answer on air, and we …
August 2013 Security Bulletin Webcast, Q&A, and Slide Deck Read More »
Out with the old, in with the April 2013 security updates
Windows XP was originally released on August 24, 2001. Since that time, high-speed Internet connections and wireless networking have gone from being a rarity to the norm, and Internet usage has grown from 360 million to almost two-and-a-half billion users. Thanks to programs like Skype, we now make video calls with regularity, and social media …
Out with the old, in with the April 2013 security updates Read More »
It’s That Time of Year, For the December 2012 Bulletin Release
Happy holidays! I hope everyone is enjoying the festive season. I like to get my holiday shopping done early, and this year was no exception. In the middle of my holiday shopping last week, as I passed my cash from one store to the next, I was reminded of “Pass-the-Hash.” (My mind does tend to …
It’s That Time of Year, For the December 2012 Bulletin Release Read More »
November 2012 Bulletin Release
Security UpdatesToday we released six security bulletins to help protect our customers – four Critical, one Important, and one Moderate – addressing 19 vulnerabilities in Microsoft Windows Shell, Windows Kernel, Internet Explorer, Internet Information Services (IIS), .NET Framework, and Excel. For those who need to prioritize deployment, we recommend focusing on these two Critical updates …
August 2012 Bulletin Release
Security Advisory 2661254 – Update For Minimum Certificate Key LengthBefore we get into the details of this month’s bulletin release, let’s take a look at an important change on how Windows deals with certificates that have RSA keys of less than 1024 bits in length. We’ve been talking about this subject since June, and today …
A live BlueHat Prize webcast and the August 2011 security updates
Hello all. It has been very nearly a week since our BlueHat Prize contest announcement at Black Hat. Now that everyone’s had some time to digest the basics, we’ve asked Senior Security Strategist and chief BlueHat Prize architect Katie Moussouris to stop by the Trustworthy Computing studio today at 11 a.m. PDT to answer a few …
A live BlueHat Prize webcast and the August 2011 security updates Read More »
Exploitability Index Improvements & Advance Notification Service for May 2011 Bulletin Release
Hello everyone, Today we are announcing changes to Microsoft’s Exploitability Index. Since October 2008, we have used the Exploitability Index to provide customers with valuable exploitability analysis for our security bulletins, and starting Tuesday this information will become even more comprehensive for those who use Microsoft’s latest platforms. The Exploitability Index assesses the likelihood of …
Exploitability Index Improvements Now Offer Additional Guidance
Exploitability Index Improvements Now Offer Additional Guidance In October of 2008, Microsoft published its first Exploitability Index: a rating system that helps customers identify the likelihood that a specific vulnerability would be exploited within the first 30 days after bulletin release. As of this month, we are making some changes to the rating system to …
Exploitability Index Improvements Now Offer Additional Guidance Read More »
Q&A from April 2011 Security Bulletin Webcast
Hello, Today we published the April Security Bulletin Webcast Questions & Answers page. We fielded 14 questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. There were two questions during the webcast that we were unable to answer and we have included those questions and answers on the …