Microsoft Support & Discussions

I interned with Microsoft as a Software Engineering Intern in the MSRC UK team in Cheltenham this past summer. I worked in the Safe Systems Programming Language (SSPL) group, which explores safe programming languages as a proactive measure against memory-safety related vulnerabilities. This blog post describes the project that I have been working on under … Designing a COM library for Rust Read More » The post Designing a COM library for Rust appeared first on Microsoft Security Response Center. Continue reading...

We have released the October security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of … October 2019 security updates are available! Read More » The post October 2019 security updates are available! appeared first on Microsoft Security Response Center. Continue reading...

Today were introducing Office 365 ProPlus support for Windows Server 2019 customers with on-premises and Azure deployments. Weve also enabled customers to immediately download and leverage FSLogix functionality, including the Office 365 Container, to enhance the speed and performance around user profile data in non-persistent virtualized environments. This continues our commitment to enhance the Office experience in local and virtualized environments and improves the end user experience in non-persistent virtualized environments. Our priority is to continue to deliver a great Office experience in on-premises virtualized environments; we have updated our Office 365 supp…

Since the general availability of Windows Server 2019, we have seen the fastest adoption rate of Windows Server Core in history. If you havent heard of Windows Server Core, then youre really missing out! Windows Server Core is the lightest deployment option of Windows Server Standard or Windows Server Datacenter editions. Why are customers choosing to deploy Windows Server Core now? Its Windows Admin Center. This new server management tool delivers many of the benefits of the Desktop Experience and is a free download that comes with your Windows Server license. Admins love the intuitive, graphical user interface and the ability to manage your virtual machines from any …

マイクロソフトでは、2020 年初頭に、Active Directory ドメイン環境内の LDAP 通信の安全性を向上するために、LDAP 署名、およびLDAP チャネルバインディング （LDAPS 利用時）を既定で有効化します。 The post [AD管理者向け] 2020 年 LDAP 署名と LDAP チャネルバインディングが有効化。確認を！ appeared first on Microsoft Security Response Center. Continue reading...

Azure IoT Edge is an open source, cross platform software project from the Azure IoT team at Microsoft that seeks to solve the problem of managing distribution of compute to the edge of your on-premise network from the cloud. This post explains some of the rationale behind our choice of Rust as the implementation programming … Building the Azure IoT Edge Security Daemon in Rust Read More » The post Building the Azure IoT Edge Security Daemon in Rust appeared first on Microsoft Security Response Center. Continue reading...

The Microsoft Security Response Center (MSRC) works with partners all over the world to protect Microsoft customers. This week we’re headed to the Philippines to meet security researchers and bounty hunters at ROOTCON 13! Planning on attending ROOTCON? If you want to learn more about how you can earn rewards for reporting vulnerabilities to Microsoft … MSRC is going to ROOTCON! Read More » The post MSRC is going to ROOTCON! appeared first on Microsoft Security Response Center. Continue reading...

We couldn’t do BlueHat without the Content Advisory Board, the brain trust reviewing submissions to the CFP. Representing both Microsoft and other parts of security community, the CAB applies their industry and speaker experience to create the BlueHat agenda that’s the right mix of topics and perspectives. We really appreciate the time these people take … Meet the BlueHat Content Advisory Board Read More » The post Meet the BlueHat Content Advisory Board appeared first on Microsoft Security Response Center. Continue reading...

Exciting changes are coming to BlueHat Seattle 2019! If you’d like to attend this premier security conference, we have good news for you: registration for BlueHat Seattle is now open and we hope you register. Wait, isn’t BlueHat invitation-only? It is…but if we haven’t sent you an invitation, we encourage you to request a seat. Visit our registration site and tell us a little bit about yourself. We’re reviewing all application requests and will send a confirmation if you are selected. The BlueHat conference team is creating an engaging two-day agenda to provide a … Calling all breakers & builders: BlueHat Seattle registration is open! Read More » The post C…

In the past year we invested a lot of time making Hyper-V research more accessible to everyone. Our first blog post, “First Steps in Hyper-V Research”, describes the tools and setup for debugging the hypervisor and examines the interesting attack surfaces of the virtualization stack components. We then published “Fuzzing para-virtualized devices in Hyper-V”, which … Attacking the VM Worker Process Read More » The post Attacking the VM Worker Process appeared first on Microsoft Security Response Center. Continue reading...

2019 年 9 月 11 日 (日本時間)、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しました。 The post 2019 年 9 月のセキュリティ更新プログラム (月例) appeared first on Microsoft Security Response Center. Continue reading...

We have released the September security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of … September 2019 Security Updates Read More » The post September 2019 Security Updates appeared first on Microsoft Security Response Center. Continue reading...

2019 has seen a phenomenal BlueHatIL in February followed by a wildly successful BlueHat Shanghai in May… now it’s time to come back home for BlueHat Seattle! 2 days of hands-on technical training (October 22-23, 2019) 2 days of conference talks from industry-leading security researchers and cyber defenders (October 24-25, 2019) great creative spaces ready … BlueHat Seattle 2019 Call for Papers is Now Open! Read More » Continue reading...

In a previous post we described some of the differences between on-premises/physical forensics and cyber investigations and those performed in the cloud, and how this can make cloud forensics challenging. That blog post described a method of creating and maintaining a VM image which can be distributed to multiple regions, allowing you to deploy this … Acquiring a VHD to Investigate Read More » Continue reading...

Traditional computer forensics and cyber investigations are as relevant in the cloud as they are in on-premise environments, but the methods in which to access and perform such investigations differ. This post will describe some of the challenges of bringing on-premises forensics techniques to the cloud and show one solution to overcome these challenges, using … Scalable infrastructure for investigations and incident response Read More » Continue reading...