msrc-blog

Today, I have another exciting expansion of the Microsoft Bounty Programs to announce. Please visit https://aka.ms/bugbounty to find out more. I’ll be discussing this new bounty in my talk at SyScan360 on October 21, 2015. We are delighted to offer a bounty for the .NET Core and ASP.NET Beta which Microsoft released earlier this month.

Enhanced Mitigation Experience Toolkit (EMET) version 5.5 Beta is now available The Enhanced Mitigation Experience Toolkit (EMET) benefits enterprises and all computer users by helping to protect against security threats and breaches that can disrupt businesses and daily lives. It does this by anticipating, diverting, terminating, blocking, or otherwise invalidating the most common actions and techniques adversaries might use to compromise a computer.

We are happy to announce the 15th version of the Microsoft BlueHat Security Conference set for January 12-13, 2016. The annual security conference brings internal and external speakers to educate and engage Microsoft’s engineering community and their executives. Work is under way currently to set the schedule for this event. Attendance at BlueHat is open to Microsoft full time employees, contingent staff, and invited researchers, luminaries, partners, and customers.

Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team

One of Microsoft’s longstanding strategies toward improving software security continues to involve investing in defensive technologies that make it difficult and costly for attackers to exploit vulnerabilities. These solutions generally have a broad and long lasting impact on software security because they focus on eliminating classes of vulnerabilities or breaking the exploitation primitives that attackers rely on.

Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team

On Tuesday, August 18, 2015, Microsoft released a security update solution to address a vulnerability. The update is for all supported versions of Internet Explorer. We recommend customers to apply this update as soon as possible by following the directions on the TechNet.com/Security website, in Security Bulletin MS15-093. More information about this bulletin can be found at Microsoft’s Bulletin Summary page.

Introduction Introduction Today Microsoft released update MS15-085 to address CVE-2015-1769, an important severity security issue in Mount Manager. It affects both client and server versions, from Windows Vista to Windows 10. The goal of this blog post is to provide information on the detection guidance to help defenders detect attempts to exploit this issue.

Today we released security updates to provide protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team

I am very pleased to be releasing additional expansions of the Microsoft Bounty Programs. Please stop by the Microsoft Networking Lounge at Black Hat, August 5-6, to learn more about these programs; or, visit https://aka.ms/BugBounty. We are raising the Bounty for Defense maximum from $50,000 USD to $100,000 USD. I am also very excited to announce that we are launching a bonus period for Authentication vulnerabilities in the Online Services Bug Bounty.