MS – 보안 대응 센터

Coming together to address Encapsulated PostScript (EPS) attacks Today’s security updates include three updates that exemplify how the security ecosystem can come together to help protect consumers and enterprises. We would like to thank FireEye and ESET for working with us. Customers that have the latest security updates installed are protected against the attacks described below. As a best practice to ensure customers have the latest protections, we recommend they upgrade to the most current versions. Through the Microsoft Active Protections Program (MAPP), partners separately alerted us to closely related, targeted attacks. These attacks both used malformed Word documents to ensnare their targets through carefully crafted phishing mails intended for a very select audience. Both attacks were comprised of multiple vulnerabilities including a remote code execution flaw in the Encapsulated PostScript (EPS) filter in Office and a Windows elevation of [ more… ]

May 2017 security update release Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found on the Security Update Guide. MSRC team   Source: May 2017 security update release

Taking your feedback on the Security Update Guide The Security Update Guide has been in public preview since November 2016. This month marked our first release when security update information was published entirely in the new format. Over the last few months, customers and partners have provided a lot of feedback on the direction and implementation of the Security Update Guide.  As we completed Preview this month, we want to let you know that we are continuing to listen to your feedback, and are working to enhance your experience. So—thank you! Here are some highlights of what we are rolling out this month: Fixed a few bugs in translations and data population Improved the experience of using advisories, such as adding unique identifiers Restored the links to the MITRE site for CVE details Today, you can consume Security Update Guide [ more… ]

Bountycraft at Nullcon 2017 Security is a critical component of our products at Microsoft. A strong emphasis on security is a persistent factor throughout our entire development process. Microsoft is committed to designing and developing secure software. Testing is performed both internally and by working closely with the broader security community. This is done through a wide range of partnerships and programs including bug bounties to ensure that customers receive the most secure products. Serving this mission, Microsoft launched its first bounty program in 2013 to compensate researchers for their time spent investigating and reporting security vulnerabilities directly to Microsoft. Since then, Microsoft has significantly expanded its bug bounty programs to include Office, Windows, Internet Explorer, Edge and the Microsoft Cloud Services. After launching the Microsoft Cloud, Edge and Mitigation bypass bounty programs, we realized that the software and services [ more… ]

Protecting customers and evaluating risk Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers. Understandingly, customers have expressed concerns around the risk this disclosure potentially creates. Our engineers have investigated the disclosed exploits, and most of the exploits are already patched. Below is our update on the investigation. When a potential vulnerability is reported to Microsoft, either from an internal or external source, the Microsoft Security Response Center (MSRC) kicks off an immediate and thorough investigation. We work to swiftly validate the claim and make sure legitimate, unresolved vulnerabilities that put customers at risk are fixed. Once validated, engineering teams prioritize fixing the reported issue as soon as possible, taking into consideration the time to fix it across any impacted product or service, as well as versions, the potential threat to customers, and the likelihood [ more… ]