Microsoft Support & Discussions

The MSRC is more than managing vulnerability reports, publishing Microsoft security updates, and defending the cloud. The MSRC is passionate about helping everyone improve internal engineering practices and supporting the defender community, and are excited to partner with Blackberry to host a Product Security Operations Forum at LocoMocoSec on April 18, 2019. Featuring exceptional speakers from across the industry, the Product Security Operations Forum will share what industry practitioners have learned about problems (and solutions!) of secure development and managing vulnerability response. We’ll have hands-on practitioners from, npm, Adobe, Microsoft, GitHub, and e…

The MSRC is more than managing vulnerability reports, publishing Microsoft security updates, and defending the cloud. The MSRC is passionate about helping everyone improve internal engineering practices and supporting the defender community, and are excited to partner with Blackberry to host a Product Security Operations Forum at LocoMocoSec on April 18, 2019.

The Microsoft Security Response Center (MSRC) investigates all reports of security vulnerabilities affecting Microsoft products and services to help make our customers and the global online community more secure. We appreciate the excellent vulnerability research reported to us regularly from the security community, and we consider it a privilege to work with these researchers.

The Microsoft Security Response Center (MSRC) recently announced our first BlueHat security conference in Shanghai which will take place on May 29-30, 2019. After 15 years of BlueHat events in Redmond, Washington and Israel, we are thrilled to expand to a new location. We work with many talented security researchers throughout the Asia Pacific region to protect our shared online ecosystem, and we can’t wait to connect with them in person at BlueHat! BlueHat Shanghai will provide a fun, accessible venue for security researchers to come together and share innovative cybersecurity research and ideas. If you are a security researcherer or a security engineer, come join us!…

The Microsoft Security Response Center (MSRC) recently announced our first BlueHat security conference in Shanghai which will take place on May 29-30, 2019. After 15 years of BlueHat events in Redmond, Washington and Israel, we are thrilled to expand to a new location. We work with many talented security researchers

This year at the Nullcon International Security Conference I shared practical advice for how security researchers can maximize the impact of their security vulnerability submissions and earn higher bounty awards under the Microsoft Bounty Program. For those who couldn’t be there, I had two core pieces of advice. First, focus vulnerability research on the products and services that are eligible for bounty rewards. The eligible scope is published on our website. We expand our programs throughout the year, so check back regularly for new potential areas to research and follow us on Twitter for announcements of new bounty programs. Second, when reporting security vulnera…

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Continue reading...

This year at the Nullcon International Security Conference I shared practical advice for how security researchers can maximize the impact of their security vulnerability submissions and earn higher bounty awards under the Microsoft Bounty Program. For those who couldn’t be there, I had two core pieces of advice. First , focus vulnerability research on the products and services that are eligible for bounty rewards.

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide.

This blog post was authored by Vithalprasad Gaitonde, Principal PM Manager, System Center. As customers grow their deployments in the public cloud and on-premises data centers, management tools are evolving to meet customer needs. System Center suite continues to play an important role in managing the on-premises data center and the evolving IT needs with the adoption of the public cloud. Today, I am excited to announce that Microsoft System Center 2019 will be generally available in March 2019. System Center 2019 enables deployment and management of Windows Server 2019 at a larger scale to meet your data center needs. System Center 2019 has been in private…

The keystone to good security hygiene is limiting your attack surface. Attack surface reduction is a technique to remove or constrain exploitable behaviors in your systems. In this blog, we discuss the two attack surface reduction rules introduced in the most recent release of Windows and cover suggested deployment methods and best practices. Software applications may use known, insecure methods, or methods later identified as useful for malware exploits. For example, macros are an old and powerful tool for task automation. However, macros can spawn child processes, invoke the Windows API, and perform other tasks which render them exploitable by malware. Windows…

Were frequently asked how we operate our Security Operations Center (SOC) at Microsoft (particularly as organizations are integrating cloud into their enterprise estate). This is the first in a three part blog series designed to share our approach and experience, so you can use what we learned to improve your SOC. In Part 1: Organization, we start with the critical organizational aspects (organizational purpose, culture, and metrics). In Part 2: People, we cover how we manage our most valuable resourcehuman talent. And finally Part 3: Technology, covers the technology that enables these people to accomplish their mission. Overall SOC model Microsoft has multi…

Its well known by now that pipeline attacks and attacks on utilities of all kinds have been an unfortunately well-trodden path by cyber-adversaries in numerous countries for a few years now. These types of attacks are not theoretical, and the damage done to dateas well as the potential damageis significant. With this backdrop, it was encouraging to see a few months ago that that the U.S. Government was working in a coordinated fashion to push for a more coordinated effort around pipeline security. As part of the annual Cybersecurity Awareness Month each October, the U.S. Department of Energy (DOE) and Department of Homeland Security (DHS) met with the Oil and Natural…

The Top 10 actions to secure your environment series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In Step 5. Set up mobile device management, youll learn how to plan your Microsoft Intune deployment and set up Mobile Device Management (MDM) as part of your unified endpoint management (UEM) strategy. In Steps 1-4 of the series, we provided tips for securing identities with Azure Active Directory (Azure AD). In the next two posts (Step 5 and Step 6), we introduce you to ContosoCars to illustrate how you can deploy Microsoft Intune as part of your UEM strategy for securing company data on devices and applications. …

We know security experts with diverse skills and experiences are found around the world. This year, the BlueHat Security Conference is coming to Shanghai! BlueHat Shanghai 2019 will take place on May 29-30 at W Shanghai - The Bund. We want to provide a venue for security researchers to come together to learn and share information, innovations, best practices and actionable items, as well as to engage in a rich conversation about security.

February is an exciting month of enhancements for Microsoft Threat Protection. For those who have followed our monthly updates (November, December, and January), youre aware that Microsoft Threat Protection helps provide users optimal security from the moment they sign in, use email, work on documents, or utilize cloud applications. IT administrators benefit from minimal complexity while staying ahead of threats to their organization. Microsoft Threat Protection is one of the few available services helping provide comprehensive security across multiple attack vectors. This month, we share enhancements to identity protection, the launch of the Microsoft 365 security center…

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Continue reading...

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide.

The use of Transport Layer Security (TLS) encryption for data in transit is a common way to help ensure the confidentiality and integrity of data transmitted between devices, such as a web server and a computer. However, in recent years older versions of the protocol have been shown to have vulnerabilities, and therefore their use should be deprecated. We have been recommending the use of TLS 1.2 and above for some time. To help provide guidance, we are pleased to announce the release of the Solving the TLS 1.0 Problem, 2nd Edition white paper. The goal of this document is to provide the latest recommendations that can help remove technical blockers to disabling TLS …

Artificial intelligence (AI) and machine learning are making a big impact on how people work, socialize, and live their lives. As consumption of products and services built around AI and machine learning increases, specialized actions must be undertaken to safeguard not only your customers and their data, but also to protect your AI and algorithms from abuse, trolling, and extraction. We are pleased to announce the release of a research paper, Securing the Future of Artificial Intelligence and Machine Learning at Microsoft, focused on net-new security engineering challenges in the AI and machine learning space, with a strong focus on protecting algorithms, data, and …

To meet users expectations for security when using a product or cloud service, security must be an integral part of all aspects of the lifecycle. We all know this, and yet time has proven that this is far easier said than done because there is no single approach nor silver bullet that works in every situation. However, Microsofts long commitment to security has demonstrated that there are a number of security practices that have survived the passage of time, and when applied flexibly in harmony with many approaches, will improve the security of products or cloud services. We are sharing the results of our experiences through our new Security Engineering website, whic…

The Cybersecurity Tech Accords upcoming webinar and the importance of public-private partnership Today, cyberattacks from increasingly sophisticated actors threaten organizations across every sector, and whether a Fortune 500 company or a local bakery, organizations of all sizes need to take steps to limit the dangers posed by these threats. This is the core of cybersecurity risk managementunderstanding potential threats and actively working to mitigate them. But while organizations large and small should protect themselves against such threats, the owners and operators of critical infrastructure have a unique additional obligation to understand risks and improve the…

In todays threat landscape, boards of directors are more interested than ever before in their company’s cybersecurity strategy. If you want to maintain a boards confidence, you cant wait until after an attack to start talking to them about how you are securing the enterprise. You need to engage them in your strategy early and oftenwith the right level of technical detail, packaged in a way that gives the board exactly what they need to know, when they need to know it. Cyberattacks have increased in frequency and size over the years, making cybersecurity as fundamental to the overall health of the business as financial and operational controls. Todays boards of direct…

The Top 10 actions to secure your environment series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In Step 4. Set conditional access policies, youll learn how to control access to your apps and corporate resources using conditional access policies, and how these policies can block legacy authentication methods and control access to SaaS apps. In todays workplace, users can work from anywhere, on any device. Whether using a company-provided laptop at the office, working from home, traveling for business, or using a personal mobile phone, employees expect to seamlessly access what they need to get work done. While the…