Hack.lu: Why it’s all about building bridges
Handle:Cluster IRL: Maarten Van Horenbeeck Rank: Senior Program Manager Likes: Slicing covert channels, foraging in remote memory pools, and setting off page faults Dislikes: The crackling sound of...
View ArticleBehind the Curtain of Second Tuesdays
Handle: Mando Picker IRL: Dustin Childs Rank: Security Program Manager Likes: Protecting customers, working with security researchers, second Tuesdays, bourbon, mandolins Dislikes: Using “It’s hard” as...
View ArticleSecurity Advisory 2953095: recommendation to stay protected and for detections
Today, Microsoft released Security Advisory 2953095 to notify customers of a vulnerability in Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010....
View ArticleRecognizing Q3 Top 5 Bounty Hunters
Throughout the year, security researchers submit some amazing work to us under the Microsoft Bug Bounty program. Starting this quarter, we want to give a shout out to and acknowledge the hard work and...
View ArticleAnnouncing the Microsoft Edge Insider Bounty
This week, we released the first Beta preview of the next version of Microsoft Edge. Alongside this, Microsoft is excited to announce the launch of the Microsoft Edge Insider Bounty Program. We welcome...
View ArticleJuly 2020 Security Update: CVE-2020-1350 Vulnerability in Windows Domain Name...
Today we released an update for CVE-2020-1350, a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of...
View ArticleWhat to Expect When Reporting Vulnerabilities to Microsoft
At the Microsoft Security Response Center’s (MSRC), our primary mission is to help protect our customers. One of the ways we do this is by working with security researchers to discover security...
View ArticleDisclosure of Vulnerability in Azure Automation Managed Identity Tokens
On December 10, 2021, Microsoft mitigated a vulnerability in the Azure Automation service. Azure Automation accounts that used Managed Identities tokens for authorization and an Azure Sandbox for job...
View ArticleOn-Premises Servers Products are Here! Introducing the Applications and...
Microsoft is excited to announce the addition of Exchange on-premises, SharePoint on-premises, and Skype for Business on-premises to the Applications and On-Premises Servers Bounty Program. Through...
View ArticleA Ride on the Wild Side with Hacking Heavyweight Sick Codes
Beverage of Choice: Krating Daeng (Thai Red Bull) Industry Influencer he Admires: Casey John Ellis What did you want to be when you grew up? A physician and nearly did Hobbies (Present & Past):...
View Article
