Securing AI and Cloud with the Zero Day Quest

Toward greater transparency: Publishing machine-readable CSAF files

Congratulations to the Top MSRC 2024 Q3 Security Researchers!

Announcing the BlueHat 2024 Sessions 

Announcing BlueHat 2024: Call for Papers now open 

Summary Summary Microsoft used the Spring Framework RCE, Early Announcement to inform analysis of the remote code execution vulnerability, CVE-2022-22965, disclosed on 31 Mar 2022. We have not to date noted any impact to the security of our enterprise services and have not experienced any degraded service availability due to this vulnerability.

Headline

Microsoft’s Response to CVE-2022-22965 Spring Framework

msrc-blog: Latest News