research

Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat...

This is the first of a series of blog entries to give some insight into the Microsoft Security Response Center (MSRC) business and how we work with security researchers and vulnerability reports. The Microsoft Security Response Center actively recognizes those security researchers who help us...

Interviews with Jann Horn and people who know him show how a combination of dogged determination and a powerful mind helped him stumble upon features and flaws that have been around for over a decade but had gone undetected. Continue reading...

I have literally spent hours researching to find an accurate step-by-step instruction on how to upload FOLDERS to OneDrive (I know how to upload files). First, I'm shocked it's not a feature of onedrive and made as easy as uploading files?? Sample of many Dead Ends "Just use the Upload tab in...

Some information I've put together regarding social engineering and how people use it to get information. I will likely expand it in the future. ***UPDATE*** This file is safe I did not rig it as a test.

Security researchers play an essential role in Microsoft’s security strategy and are key to community-based defense. To show our appreciation for their hard work and partnership, each year at BlackHat North America, the Microsoft Security Response Center highlights contributions of these...

Windows 10 represents the best and newest in our strong commitment to security with world-class mitigations. One of Microsoft’s longstanding strategies toward improving software security involves investing in defensive technologies that make it difficult and costly for attackers to find, exploit...

just wanting to run this past you guys … this post is straight from our good friends at bleepingcomputer.com … and the issue is in regards to the inherent vulnerabilities with current ssd-drives. i don't have much to say, since i do not own an ssd-drive …...

Over the past 10 months, we’ve paid out more than $200,000 USD in bounties to researchers reporting vulnerabilities through the Microsoft Edge Bounty Program. Partnering with the research community has helped improve Microsoft Edge security, and to continue this collaboration, today we’re...

Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers. Understandingly, customers have expressed concerns around the risk this disclosure potentially creates. Our engineers have investigated the disclosed exploits, and most of the exploits are already...

I did a lot of research these days and found no useful informations (to me, at least): I want a simple program to read CPU (and possibly GPU) temperatures, but I also want that program to send those values to a usb (connected to an arduino), making programs like Speedfan or HWMonitor not...

Microsoft strives to protect our customers and we’re constantly improving our security posture to meet their needs. We realize the desire of researchers and customers to security test our services to ensure they can trust us and our solutions. We also believe that if a researcher informs us of a...

Today, a group of eight researchers from across the security industry released a research report on SHA-1 that demonstrates for the first time, a “hash collision” for the full SHA-1 hash algorithm (called “SHAttered”). This is a significant step toward understanding this type of security issue...

We live in an era where existing business models are being disrupted faster than ever before, fueled in large part by rapid changes in digital innovation. More distributed and digitally savvy employees expect companies to deliver the same choice and access to technical advancements in the...

Marie Mawad and Stefan Nicola | Bloomberg As makers of household appliances fill their machines with computer chips to make them smarter, consumers and privacy watchdogs should beware the data collected by these objects and how it’s used, says Marco Preuss, a director on Kaspersky’s global...

I’m very happy to announce another addition to the Link Removed. Microsoft will be hosting a bounty for Remote Code Execution vulnerabilities in Microsoft Edge on Windows Insider Preview builds. This bounty continues our partnership with the security research community in working to secure our...

Cheers Everyone, I have been stuck at a decision and need someones help. I have 2 Computers. one is an old desktop and one is the new laptop (2015 model inspiron). When the windows 10 Advertisement released, I want to try it so I Installed it on my old PC. It took 3 GB and then asked for a...

Today I have another exciting expansion of the Link Removed. Please visit Link Removed to find out more. As we approach release for .NET Core and ASP.NET, we would like to get even more feedback from the security research community. We are offering a bounty on the Link Removed which was...

Hi Everyone. This is pretty neat, Star Wars doesn't look so far away after you see this. It gives you a feel for what the world is really going to look like in only a few years. Microsoft is looking for insiders to test this now, and it is available for developers, who can spend the $3,000 on...

Really nice whitepaper on Cryptowall 4. It is pretty technical but still a good read. http://www.talosintel.com/files/publications_and_presentations/papers/CryptoWall4_WhitePaper.042016.pdf