This week, MSRC confirmed the presence of an active Linux worm leveraging a critical Remote Code Execution (RCE) vulnerability, CVE-2019-10149, in Linux Exim email servers running Exim version 4.87 to 4.91. Azure customers running VMs with Exim 4.92 are not affected by this vulne … | Continue reading
Microsoft is pleased to announce the final release of the security configuration baseline settings for Windows 10 version 1903 (a.k.a., “19H1”), and for Windows Server version 1903. Download the content from the Microsoft Security Compliance Toolkit (click Download and select Win … | Continue reading
Microsoft is pleased to announce the draft release of the security configuration baseline settings for Windows 10 version 1903 (a.k.a., “19H1”), and for Windows Server version 1903. Please evaluate these proposed baselines and send us your feedback via blog comments below. Downlo … | Continue reading
In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the s … | Continue reading
Introduction Hyper-V is the backbone of Azure, running on its Hosts to provide efficient and fair sharing of resources, but also isolation. That’s why we, in the vulnerability research team for Windows, have been working in the background for years now helping secure Hyper-V. And … | Continue reading
The Microsoft Security Response Center (MSRC) is pleased to announce the launch of the Azure DevOps Bounty program, a program dedicated to providing rock-solid security for our DevOps customers. Starting January 17, 2019, we’re excited to offer rewards up to US$20,000 for eligibl … | Continue reading
Hello All, Recently I performed a RaaS with a customer and it provided a new recommendation that I thought would be great to pass along to you. Disable SMB1 on your server. This is an amazing suggestion as we have other versions of the protocol to do the work for you and due to t … | Continue reading
Last day of the year, and this was a great year for Azure Security Center. Looking back to all improvements that were introduced since the beginning of the year, it shows that we are going in the right direction. These improvements were based on customer's feedback, and to addres … | Continue reading
A few weeks ago a poster with the handle dloneranger reported in the 2CPU forums that he experienced reduced network throughput on his Vista system when he played audio or video. Other posters chimed in with similar results, and in the last week attention has been drawn to the be … | Continue reading
Microsoft has put a lot of effort in Hyper-V security. Hyper-V, and the whole virtualization stack, runs at the core of many of our products: cloud computing, Windows Defender Application Guard, and technology built on top of Virtualization Based Security (VBS). Because Hyper-V i … | Continue reading
Uncover the resources needed to assist your customers with threat, identity and information protection by exploring the offerings within Microsoft 365. This technical webinar is carefully planned and delivered by Microsoft Partner Technical Consultants, available to you as a Part … | Continue reading
Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit. Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security softwa … | Continue reading
You might have known the 10 Immutable Laws Of Security for quite a while. It is kind of the “collected non-technical wisdom” of what we see in security response, be it in Microsoft Security Response Center or in our Security Product Support. There is now a version 2, which i … | Continue reading
Previously on this blog, we’ve talked about how MSRC automates the root cause analysis of vulnerabilities reported and found. After doing this, our next step is variant analysis: finding and investigating any variants of the vulnerability. It’s important that we find all such var … | Continue reading
Customers operating in high security environments usually want to block access to specific folders. Using this method I was able to safely remove the write access from users without harming the functionality of Windows. BUT!!!! Please use at your own risk, and test in your own l … | Continue reading
Modern security depends today on collaborative communication of identities and identity data within and across domains. A customer’s digital identity is often the key to accessing services and interacting across the internet. Microsoft has invested heavily in the security and p … | Continue reading
Today we are excited to launch Surface Go, our brand new 10-inch ultra-light device, which gives you a highly portable form factor for mobile experiences at a lower price point. Importantly, for mobile workers and students, the good news is that great value does not come at a com … | Continue reading
Hello, my name is Greg Nottage and I am a Consultant with the Windows and Devices team in the UK. I often work with customers who are in the process of transitioning to Windows 10 but are considering the use of Windows 10 Long Term Servicing Channel (often shortened to LTSC and a … | Continue reading
Microsoft’s commitment to protecting customers from vulnerabilities in our products, services, and devices includes providing security updates that address these vulnerabilities when they are discovered. We understand that researchers have wanted better clarity around the securit … | Continue reading
In January, 2018, Microsoft published an advisory and security updates for a new class of hardware vulnerabilities involving speculative execution side channels (known as Spectre and Meltdown). In this blog post, we will provide a technical analysis of an additional subclass of s … | Continue reading
Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of … | Continue reading
One of the new features mentioned in the What’s new in Windows 10 1803 documentation is a new ability to perform a feature update without suspending BitLocker. This is what it says: New command-line switches are also available to control BitLocker: Setup.exe /BitLocker AlwaysSus … | Continue reading