Security
Headlines
HeadlinesLatestCVEs

Source

msrc-blog

2020 年 11 月のセキュリティ更新プログラム (月例)

2020 年 11 月 11 日 (日本時間)、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし

msrc-blog
Open in Source
セキュリティ更新プログラム リリース スケジュール (2021 年)

2021 年のセキュリティ更新プログラムの公開予定日は下記のとおりです。更新プログラムの評価、テスト、適用の

Vulnerability Descriptions in the New Version of the Security Update Guide

With the launch of the new version of the Security Update Guide, Microsoft is demonstrating its commitment to industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System (CVSS). This is a precise method that describes the vulnerability with attributes such as the attack vector, the complexity of the attack, whether an adversary needs certain privileges, etc.

msrc-blog
Open in Source
#vulnerability#windows#microsoft#git#perl
Vulnerability Descriptions in the New Version of the Security Update Guide

With the launch of the new version of the Security Update Guide, Microsoft is demonstrating its commitment to industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System (CVSS). This is a precise method that describes the vulnerability with attributes such as the attack vector, the complexity of the attack, whether an adversary needs certain privileges, etc.

新しいセキュリティ更新プログラム ガイドでの脆弱性情報の詳細

新しいバージョンのセキュリティ更新プログラムについては下記の関連ブログもご覧ください。 「新しいセキュ

Attacks exploiting Netlogon vulnerability (CVE-2020-1472)

Microsoft has received a small number of reports from customers and others about continued activity exploiting a vulnerability affecting the Netlogon protocol (CVE-2020-1472) which was previously addressed in security updates starting on August 11, 2020. If the original guidance is not applied, the vulnerability could allow an attacker to spoof a domain controller account that could be used to steal domain credentials and take over the domain.

Attacks exploiting Netlogon vulnerability (CVE-2020-1472)

Microsoft has received a small number of reports from customers and others about continued activity exploiting a vulnerability affecting the Netlogon protocol (CVE-2020-1472) which was previously addressed in security updates starting on August 11, 2020. If the original guidance is not applied, the vulnerability could allow an attacker to spoof a domain controller account that could be used to steal domain credentials and take over the domain.

[IT 管理者向け] DNS レコードを管理してサブドメイン テイクオーバーを防ぐ

みなさんは、「サブドメイン テイクオーバー」というセキュリティの問題をご存じですか? サブドメイン テイク

Microsoft Digital Defense Report でサイバーセキュリティの動向を知る

2020 年 9 月マイクロソフトは、昨年のサイバーセキュリティの動向を網羅した「Microsoft Digital Defense Repo

Announcing the Top MSRC 2020 Q3 Security Researchers

Following the MSRC’s 2020 Most Valuable Security Researchers announced during this year’s Black Hat, we’re excited to announce the top contributing researchers for the 2020 Third Quarter (Q3)! The top three researchers of the 2020 Q3