Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Anatomy of a Security Update

The Microsoft Security Response Center is part of the defender community and on the front line of security response for our customers and the company. Our mission is to protect customers and Microsoft from current and emerging threats related to security and privacy. We monitor threats and provide updated tools and guidance to help organizations … Anatomy of a Security Update Read More »

msrc-blog
Open in Source
#vulnerability#microsoft#zero_day
COOPER Analysis Tool

Cooper utilizes cooperative mutation to test the binding code of scripting languages to find memory-safe issues. Cooperative mutation simultaneously modifies the script code and the related document objects to explore various code paths of the binding code. To support cooperative mutation, the authors infer the relationship between script code and document objects to guide the two-dimensional mutation. They applied their tool Cooper on three popular commercial PDF tools, Adobe Acrobat, Foxit Reader, and Microsoft Word. Cooper detected 134 previously unknown bugs, which resulted in 33 CVE entries and 22K bug bounties.

Data Transformation: 3 Sessions to Attend at RSA 2022

Three RSA 2022 sessions take deep dives into the security considerations around data cloud transformation.

New Saitama backdoor Targeted Official from Jordan's Foreign Ministry

A spear-phishing campaign targeting Jordan's foreign ministry has been observed dropping a new stealthy backdoor dubbed Saitama. Researchers from Malwarebytes and Fortinet FortiGuard Labs attributed the campaign to an Iranian cyber espionage threat actor tracked under the moniker APT34, citing resemblances to past campaigns staged by the group. "Like many of these attacks, the email contained a

Anatomy of a Security Update

The Microsoft Security Response Center is part of the defender community and on the front line of security response for our customers and the company. Our mission is to protect customers and Microsoft from current and emerging threats related to security and privacy. We monitor threats and provide updated tools and guidance to help organizations defend against, identify, and remediate attacks.

CVE-2022-1640: Chromium: CVE-2022-1640 Use after free in Sharing

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 101.0.1210.47 5/13/2022 101.0.4951.64

CVE-2022-1639: Chromium: CVE-2022-1639 Use after free in ANGLE

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 101.0.1210.47 5/13/2022 101.0.4951.64

CVE-2022-1638: Chromium: CVE-2022-1638 Heap buffer overflow in V8 Internationalization

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 101.0.1210.47 5/13/2022 101.0.4951.64

CVE-2022-1637: Chromium: CVE-2022-1637 Inappropriate implementation in Web Contents

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 101.0.1210.47 5/13/2022 101.0.4951.64

CVE-2022-1636: Chromium: CVE-2022-1636 Use after free in Performance APIs

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 101.0.1210.47 5/13/2022 101.0.4951.64