Announcing The BlueHat Podcast: Listen and Subscribe Now!
Available today on all major podcast platforms is The BlueHat Podcast, a new series of security research focused conversations, continuing the themes from the BlueHat 2023 conference (session recordings available to watch here).
Since 2005, BlueHat has been where the security research community, and Microsoft, come together as peers: to debate, discuss, share, challenge, celebrate and learn.
Categories: Microsoft
2023 年 5 月のセキュリティ更新プログラム (月例)
2023 年 5 月 9 日 (米国時間)、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ
Categories: Microsoft
CVE-2023-24932 に関連するセキュア ブート マネージャーの変更に関するガイダンス
本ブログは、Guidance related to Secure Boot Manager changes associated with CVE-2023-24932 の抄訳版です。最新の情報は原文を参照してください。 概要
Categories: Microsoft
Guidance related to Secure Boot Manager changes associated with CVE-2023-24932
Summary Summary Today, Microsoft is releasing CVE-2023-24932, and associated configuration guidance, to address a Secure Boot bypass vulnerability used by the BlackLotus bootkit to exploit CVE-2022-21894. Customers will need to closely follow the configuration guidance to fully protect against this vulnerability.
This vulnerability allows an attacker to execute self-signed code at the Unified Extensible Firmware Interface (UEFI) level while Secure Boot is enabled.
Categories: Microsoft
マイクロソフトのオンラインサービスにおける、脆弱性の深刻度分類の公開
本ブログは、Microsoft Vulnerability Severity Classification for Online Services Publication の抄訳版です。最新の情報は原文を参照してください。 マイク
Categories: Microsoft
Microsoft Vulnerability Severity Classification for Online Services Publication
The Microsoft Security Response Center (MSRC) is always looking for ways to provide clarity and transparency around how we assess the impact of vulnerabilities reported in our products and services. We have published a new Microsoft Vulnerability Severity Classification for Online Services to provide additional information about our approach to online services and web applications.
Categories: Microsoft
Congratulations to the Top MSRC 2023 Q1 Security Researchers!
Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers.
The top three researchers of the 2023 Q1 Security Researcher Leaderboard are: Kai Lu (@K3vinLuSec), Yuki Chen, and wh1tc & Edwardzpeng! Check out the full list of researchers recognized this quarter here.
Categories: Microsoft
2023 年 4 月のセキュリティ更新プログラム (月例)
2023 年 4 月 11 日 (米国時間) 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ
Categories: Microsoft
Azure Storage Keys、Azure Functions、Azure Role Based Access に関するベスト プラクティス
本ブログは、Best practices regarding Azure Storage Keys, Azure Functions, and Azure Role Based Access の抄訳版です。最新の情報は原文を参照してください。 概要 概
Categories: Microsoft
Best practices regarding Azure Storage Keys, Azure Functions, and Azure Role Based Access
Summary Summary Azure provides developers and security operations staff a wide array of configurable security options to meet organizational needs. Throughout the software development lifecycle, it is important for customers to understand the shared responsibility model, as well as be familiar with various security best practices. This is particularly important in deploying Azure Functions and in provisioning Azure Role Based Access Control as customers are responsible for configuring and managing applications, identity, and data.
Categories: Microsoft
Azure ADを使用するマルチテナント アプリケーションの承認に関する構成ミスの可能性に関するガイダンス
本ブログは、Guidance on Potential Misconfiguration of Authorization of Multi-Tenant Applications that use Azure AD の抄訳版です。最新の情報は原文を参照してください
Categories: Microsoft
Guidance on Potential Misconfiguration of Authorization of Multi-Tenant Applications that use Azure AD
Summary Summary Microsoft has addressed an authorization misconfiguration for multi-tenant applications that use Azure AD, initially discovered by Wiz, and reported to Microsoft, that impacted a small number of our internal applications. The misconfiguration allowed external parties read and write access to the impacted applications. Microsoft immediately corrected the misconfiguration and added additional authorization checks to address the issue and confirmed that no unintended access had occurred.
Categories: Microsoft
Microsoft Mitigates Outlook Elevation of Privilege Vulnerability
Summary Summary Microsoft Threat Intelligence discovered limited, targeted abuse of a vulnerability in Microsoft Outlook for Windows that allows for new technology LAN manager (NTLM) credential theft. Microsoft has released CVE-2023-23397 to address the critical elevation of privilege (EoP) vulnerability affecting Microsoft Outlook for Windows. We strongly recommend all customers update Microsoft Outlook for Windows to remain secure.
Categories: Microsoft
2023 年 3 月のセキュリティ更新プログラム (月例)
2023 年 3 月 14 日 (米国時間) 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ
Categories: Microsoft
マイクロソフトは Outlook の 特権昇格の脆弱性を緩和します
本ブログは、Microsoft Mitigates Outlook Elevation of Privilege Vulnerability の抄訳版です。最新の情報は原文を参照してください。 Microsoft Threat Intelligence は
Categories: Microsoft
Azure Kubernetes Service (AKS) Threat Hunting
As more businesses shift away from running workloads on dedicated virtual machines to running them inside containers using workload orchestrators like Kubernetes, adversaries have become more interested in them as targets. Moreover, the benefits Kubernetes provides for managing workloads are also extended to adversaries. As adversaries leverage Kubernetes to run their workloads, their understanding of how these platforms work and can be exploited increases.
Categories: Microsoft
Configuring host-level audit logging for AKS VMSS
This blog post runs you through how to enable and configure Linux audit logging on your Azure Kubernetes Service (AKS) Virtual Machine Scale Set (VMSS) using the Linux auditing subsystem, also known as auditd.
Warning The information provided below is accurate as of the release date of this blog post (2023-03) and guidance may change in future.
Categories: Microsoft
First steps in CHERIoT Security Research
First steps in CHERIoT Security Research First steps in CHERIoT Security Research At Microsoft, we invest a lot of time researching and investigating possibilities in our journey to memory safety. Because the massive majority of existing codebases are written in unsafe programming languages, the task of protecting legacy code is very important.
Categories: Microsoft