Microsoft Support & Discussions

4,683 topics in this forum

1. 

   Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

   January 19 by Cloaked

   • • FPCH Admin
   • 0 replies
   • 0 views

   The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. Microsoft has identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as Nobelium.

   

   Last reply by Cloaked, January 19
2. 

   BlueHat India Call for Papers is Now Open!

   January 8 by Cloaked

   • • FPCH Admin
   • 0 replies
   • 0 views

   You asked for it and it’s finally here! The inaugural BlueHat India conference will be held May 16-17th, 2024, in Hyderabad, India! This intimate conference will bring together a unique blend of security researchers and responders, who come together as peers to exchange ideas, experiences, and learnings in the interest of creating a safer and more secure world for all.

   

   Last reply by Cloaked, January 8
3. 

   Microsoft addresses App Installer abuse

   December 28, 2023 by Cloaked

   • • FPCH Admin
   • 0 replies
   • 0 views

   28 October 2024 Update Microsoft disabled the ms-appinstaller URI scheme handler by default in App Installer on 28 December 2023 as a security response to protect customers from attackers’ evolving techniques against previous safeguards for CVE-2021-43890. Microsoft is pleased to announce that we have introduced new safeguards to the ms-appinstaller URI scheme handler by default in version 1.

   

   Last reply by Cloaked, December 28, 2023
4. 

   Azure Serial Console Attack and Defense - Part 2

   December 19, 2023 by Cloaked

   • • FPCH Admin
   • 0 replies
   • 0 views

   This is the second installment of the Azure Serial Console blog, which provides insights to improve defenders’ preparedness when investigating Azure Serial Console activity on Azure Linux virtual machines. While the first blog post discussed various tracing activities, such as using Azure activity and Sysmon logs on Windows virtual machines to trace serial console activity, this blog outlines how to enable logging for Azure Linux virtual machines using Sysmon for Linux to capture and how to send these events to a log analytics workspace.

   

   Last reply by Cloaked, December 19, 2023
5. 

   Introducing the Microsoft Defender Bounty Program

   November 21, 2023 by Cloaked

   • • FPCH Admin
   • 0 replies
   • 0 views

   We are excited to announce the new Microsoft Defender Bounty Program with awards of up to $20,000 USD. The Microsoft Defender brand encompasses a variety of products and services designed to enhance the security of the Microsoft customer experience. The Microsoft Defender Bounty Program invites researchers across the globe to identify vulnerabilities in Defender products and services and share them with our team.

   

   Last reply by Cloaked, November 21, 2023
6. 

   Celebrating ten years of the Microsoft Bug Bounty program and more than $60M awarded

   November 20, 2023 by Cloaked

   • • FPCH Admin
   • 0 replies
   • 0 views

   This year marks the tenth anniversary of the Microsoft Bug Bounty Program, an essential part of our proactive strategy to protect customers from security threats. Since its inception in 2013, Microsoft has awarded more than $60 million to thousands of security researchers from 70 countries. These individuals have discovered and reported vulnerabilities under Coordinated Vulnerability Disclosure, aiding Microsoft in navigating the continuously evolving security threat landscape and emerging technologies.

   

   Last reply by Cloaked, November 20, 2023
7. 

   Reflecting on 20 years of Patch Tuesday

   November 17, 2023 by Cloaked

   • • FPCH Admin
   • 0 replies
   • 0 views

   This year is a landmark moment for Microsoft as we observe the 20th anniversary of Patch Tuesday updates, an initiative that has become a cornerstone of the IT world’s approach to cybersecurity. Originating from the Trustworthy Computing memo by Bill Gates in 2002, our unwavering commitment to protecting customers continues to this day and is reflected in Microsoft’s Secure Future Initiative announced this month.

   

   Last reply by Cloaked, November 17, 2023
8. 

   Microsoft guidance regarding credentials leaked to GitHub Actions Logs through Azure CLI

   November 14, 2023 by Cloaked

   • • FPCH Admin
   • 0 replies
   • 0 views

   Summary The Microsoft Security Response Center (MSRC) was made aware of a vulnerability where Azure Command-Line Interface (CLI) could expose sensitive information, including credentials, through GitHub Actions logs. The researcher, from Palo Alto Networks Prisma Cloud, found that Azure CLI commands could be used to show sensitive data and output to Continuous Integration and Continuous Deployment (CI/CD) logs.

   

   Last reply by Cloaked, November 14, 2023
9. 

   Congratulations to the Top MSRC 2023 Q3 Security Researchers!

   October 16, 2023 by Cloaked

   • • FPCH Admin
   • 0 replies
   • 0 views

   Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2023 Q3 Security Researcher Leaderboard are Wei, VictorV, and Anonymous! Check out the full list of researchers recognized this quarter here.

   

   Last reply by Cloaked, October 16, 2023
10. 

    Introducing the Microsoft AI Bug Bounty Program featuring the AI-powered Bing experience

    October 12, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    Today at BlueHat we announced the new Microsoft AI bug bounty program with awards up to $15,000. This new bounty program features the AI-powered Bing experience as the first in scope product. The following products and integrations are eligible for bounty awards: AI-powered Bing experiences on bing.com in Browser (All major vendors are supported, including Bing Chat, Bing Chat for Enterprise, and Bing Image Creator) AI-powered Bing integration in Microsoft Edge (Windows), including Bing Chat for Enterprise AI-powered Bing integration in the Microsoft Start Application (iOS and Android) AI-powered Bing integration in the Skype Mobile Application (iOS and Android) Full deta…

    

    Last reply by Cloaked, October 12, 2023
11. 

    Microsoft Response to Distributed Denial of Service (DDoS) Attacks against HTTP/2

    October 10, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    Summary Beginning in September 2023, Microsoft was notified by industry partners about a newly identified Distributed Denial-of-Service (DDoS) attack technique being used in the wild targeting HTTP/2 protocol. This vulnerability (CVE-2023-44487) impacts any internet exposed HTTP/2 endpoints. As an industry leader, Microsoft promptly opened an investigation and subsequently began working with industry partners for a coordinated disclosure and mitigation plan.

    

    Last reply by Cloaked, October 10, 2023
12. 

    Cybersecurity Awareness Month 2023: Elevating Security Together

    October 5, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    As the 20th anniversary of Cybersecurity Awareness Month begins, I find myself reflecting on the strides made since its inception. The journey to enhance and improve cybersecurity is ongoing and extends beyond October. It’s not merely a technological challenge; it is fundamentally about people. It’s about the customers and communities that we at Microsoft work tirelessly to safeguard and defend.

    

    Last reply by Cloaked, October 5, 2023
13. 

    Microsoft’s Response to Open-Source Vulnerabilities - CVE-2023-4863 and CVE-2023-5217

    October 2, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    Microsoft is aware and has released patches associated with the two Open-Source Software security vulnerabilities, CVE-2023-4863 and CVE-2023-5217. Through our investigation, we found that these affect a subset of our products and as of today, we have addressed them in our products as outlined below: CVE-2023-4863 Microsoft Edge Microsoft Teams for Desktop Skype for Desktop Webp Image Extensions (Released on Windows and updates through Microsoft Store) CVE-2023-5217

    

    Last reply by Cloaked, October 2, 2023
14. 

    Journey Down Under: How Rocco Became Australia’s Premier Hacker

    September 25, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    Fun facts about Rocco Calvi (@TecR0c): Microsoft MVR: Rocco is a 2023 Microsoft Most Valuable Researcher. Fitness fanatic: Inspired by old-school body building and countless hours of chopping and carrying wood in the mountains during his youth, Rocco remains a fitness enthusiast, setting himself challenges and pushing his limits.

    

    Last reply by Cloaked, September 25, 2023
15. 

    Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS token

    September 18, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    Summary As part of a recent Coordinated Vulnerability Disclosure (CVD) report from Wiz.io, Microsoft investigated and remediated an incident involving a Microsoft employee who shared a URL for a blob store in a public GitHub repository while contributing to open-source AI learning models. This URL included an overly-permissive Shared Access Signature (SAS) token for an internal storage account.

    

    Last reply by Cloaked, September 18, 2023
16. 

    Results of Major Technical Investigations for Storm-0558 Key Acquisition

    September 6, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    March 12, 2024 update As part of our continued commitment to transparency and trust outlined in Microsoft’s Secure Future Initiative, we are providing further information as it relates to our ongoing investigation. This new information does not change the customer guidance we previously shared, nor have our ongoing investigations revealed additional impact to Microsoft or our customers.

    

    Last reply by Cloaked, September 6, 2023
17. 

    Azure Serial Console Attack and Defense - Part 1

    August 10, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    Ever had a virtual machine crash? Azure Serial console is a great way to directly connect to your Virtual machine and debug what went wrong. Azure Serial Console is a feature that’s available for free for everyone. While the primary intent of this feature is to assist users debug their machine, there are several interesting ways to abuse the features and compromise sensitive information.

    

    Last reply by Cloaked, August 10, 2023
18. 

    Updating our Vulnerability Severity Classification for AI Systems

    August 8, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    The Microsoft Security Response Center (MSRC) is always looking for ways to provide clarity and transparency around how we assess the impact of vulnerabilities reported in our products and services. To this end, we are announcing the Microsoft Vulnerability Severity Classification for AI Systems, an update to Microsoft’s existing vulnerability severity classification (i.

    

    Last reply by Cloaked, August 8, 2023
19. 

    Congratulations to the MSRC 2023 Most Valuable Security Researchers!

    August 8, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s top 100 Most Valuable Researchers (MVRs) based on the total number of points earned for each valid report.

    

    Last reply by Cloaked, August 8, 2023
20. 

    Microsoft Bug Bounty Program Year in Review: $13.8M in Rewards

    August 7, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    We are thrilled to share the results of our collaboration with over 345 security researchers from +45 countries around the world in the past 12 months. Together, we have discovered and fixed more than a thousand potential security issues before they impacted our customers. In recognition of this valuable collaboration, we have awarded $13.

    

    Last reply by Cloaked, August 7, 2023
21. 

    Microsoft mitigates Power Platform Custom Code information disclosure vulnerability

    August 4, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    Summary On 30 March 2023, Tenable informed Microsoft under Coordinated Vulnerability Disclosure (CVD) of a security issue concerning Power Platform Custom Connectors using Custom Code. This feature allows customers to write code for custom connectors. This issue has been fully addressed for all customers and no customer remediation action is required.

    

    Last reply by Cloaked, August 4, 2023
22. 

    BlueHat October 2023 Call for Papers is Now Open!

    July 27, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    As you may have seen on social media, the next BlueHat conference will be October 11 – 12, 2023, on Microsoft’s Redmond campus in Washington state, USA. The Call for Papers (CFP) is now open through August 18, 2023. The BlueHat community is a unique blend of security researchers and responders from both inside and outside of Microsoft, who come together as peers to exchange ideas, experiences, and learnings in the interest of creating a safer and more secure world for all.

    

    Last reply by Cloaked, July 27, 2023
23. 

    Updated Researcher Portal Submission Form: Discover the New Fields in the Submission Form

    July 20, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    Summary: We are excited to announce the release of the updated Researcher Portal submission form. These new fields allow Security Researchers to provide additional context for the reported security issue, providing product teams with more data for analysis, gain insights and identify trends across multiple reported security vulnerabilities. The additional fields are not mandatory fields to submit a report.

    

    Last reply by Cloaked, July 20, 2023
24. 

    From Bounty Leaderboards to Microsoft Security Researcher, Meet Cameron Vincent!

    July 17, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    Fun Facts: Game you binged: Guitar Hero and Rock Band fanatic. Go to snack: Nutri-Grain Bars. Favorite Drink: Soda – Coca Cola specifically. Favorite Place: Singapore – stayed an extra week after a hacking collaboration and truly fell in love and hopes to get back as soon as possible. Favorite Movie/Genre: Parasite – Korean Cinema, had been watching Koren Cinema before it became a thing.

    

    Last reply by Cloaked, July 17, 2023
25. 

    What to expect when reporting vulnerabilities to Microsoft

    July 14, 2023 by Cloaked

    • • FPCH Admin
    • 0 replies
    • 0 views

    At the Microsoft Security Response Center (MSRC), our mission is to protect our customers, communities, and Microsoft from current and emerging threats to security and privacy. One way we achieve this is by working with security researchers to identify and fix security vulnerabilities in our services and products that could pose a threat to our customers.

    

    Last reply by Cloaked, July 14, 2023