MS – 보안 대응 센터

I am very pleased to be releasing additional expansions of the Microsoft Bounty Programs. Please stop by the Microsoft Networking Lounge at Black Hat, August 5-6, to learn more about these programs; or, visit https://aka.ms/BugBounty. We are raising the Bounty for Defense maximum from $50,000 USD to $100,000 USD. I am also very excited to announce that we are launching a bonus period for Authentication vulnerabilities in the Online Services Bug Bounty. We will be running an onsite contest at Black Hat in Las Vegas, August 5-6, related to this effort. Lastly, we are adding RemoteApp to the list of domains covered in the Online Services Bug Bounty. The changes to the Bounty for Defense reflect the continuing evolution of the Microsoft Bounty Program, based on the feedback and opportunities brought to us from the Security Research Community. Raising the [ more… ]

Microsoft Bounty Programs Expansion – Bounty for Defense, Authentication Bonus, and RemoteApp I am very pleased to be releasing additional expansions of the Microsoft Bounty Programs. Please stop by the Microsoft Networking Lounge at Black Hat, August 5-6, to learn more about these programs; or, visit https://aka.ms/BugBounty. We are raising the Bounty for Defense maximum from $50,000 USD to $100,000 USD. I am also very excited to announce that we are launching a bonus period for Authentication vulnerabilities in the Online Services Bug Bounty. We will be running an onsite contest at Black Hat in Las Vegas, August 5-6, related to this effort. Lastly, we are adding RemoteApp to the list of domains covered in the Online Services Bug Bounty. The changes to the Bounty for Defense reflect the continuing evolution of the Microsoft Bounty Program, based on the feedback [ more… ]

Today, we released a security bulletin to provide an update for Microsoft Windows. Customers who have automatic updates enabled or apply the update, will be protected. We recommend customers apply the update as soon as possible, following the directions in the security bulletin. More information about this bulletin can be found at Microsoft’s Bulletin Summary page. MSRC Team Source: ms-msrc

Today we released security updates for Microsoft Windows, Microsoft Office, Microsoft SQL Server, and Internet Explorer. As a best practice, we encourage customers to apply security updates as soon as they are released. For more information about this month’s security updates and advisories visit the Security TechNet Library.  You can also follow the Microsoft Security Response Center (MSRC) team on Twitter at @MSFTSecResponse MSRC Team Source: ms-msrc

Today, as part of Update Tuesday, we released 8 security bulletins.  We encourage customers to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploitability Index (XI), visit the Microsoft Bulletin Summary webpage. If you are not familiar with how we calculate the XI, a full description can be found here. We released one new Security Advisory: Update for Juniper Network Windows In-Box Junos Pulse Client (2962393) One Security Advisory has been revised: Update for Adobe Flash Player in Internet Explorer (2755801) For the latest information, you can follow the Microsoft Security Response Center (MSRC) team on Twitter at @MSFTSecResponse. MSRC Team Source: ms-msrc