MS – 보안 대응 센터

Acquiring a VHD to Investigate In a previous post we described some of the differences between on-premises/physical forensics and cyber investigations and those performed in the cloud, and how this can make cloud forensics challenging. That blog post described a method of creating and maintaining a VM image which can be distributed to multiple regions, allowing you to deploy this … Acquiring a VHD to Investigate Read More » Source: Acquiring a VHD to Investigate

Scalable infrastructure for investigations and incident response Traditional computer forensics and cyber investigations are as relevant in the cloud as they are in on-premise environments, but the methods in which to access and perform such investigations differ. This post will describe some of the challenges of bringing on-premises forensics techniques to the cloud and show one solution to overcome these challenges, using … Scalable infrastructure for investigations and incident response Read More » Source: Scalable infrastructure for investigations and incident response

Announcing the Microsoft Edge Insider Bounty This week, we released the first Beta preview of the next version of Microsoft Edge. Alongside this, Microsoft is excited to announce the launch of the Microsoft Edge Insider Bounty Program. We welcome researchers to seek out and disclose any high impact vulnerabilities they may find in the next version of Microsoft Edge, based on … Announcing the Microsoft Edge Insider Bounty Read More » Source: Announcing the Microsoft Edge Insider Bounty

2019 年 8 月のセキュリティ更新プログラム (月例) 2019 年 8 月 14 日 (日本時間)、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しました。 Source: 2019 年 8 月のセキュリティ更新プログラム (月例)

Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182) Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction. The affected … Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182) Read More » Source: Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)