セキュリティ更新プログラムのアナトミー

Source: https://msrc-blog.microsoft.com/blog/2022/05/anatomy-of-a-security-update-jp/ 本ブログは、Anatomy of a Security Update の抄訳版です。最新の情報は原文を参照してください。 マイクロソフト セ

Anatomy of a Security Update

Source: https://msrc-blog.microsoft.com/2022/05/13/anatomy-of-a-security-update/ The Microsoft Security Response Center is part of the defender community and on the front line of security response for our customers and the company. Our mission is to protect … Read more

Vulnerability mitigated in the third-party Data Connector used in Azure Synapse pipelines and Azure Data Factory (CVE-2022-29972)

Source: https://msrc-blog.microsoft.com/2022/05/09/vulnerability-mitigated-in-the-third-party-data-connector-used-in-azure-synapse-pipelines-and-azure-data-factory-cve-2022-29972/ Summary Microsoft recently mitigated a vulnerability in Azure Data Factory and Azure Synapse pipelines. The vulnerability was specific to the third-party Open Database Connectivity (ODBC) driver used to connect to … Read more

VideoPress, Take 3

Source: https://wordpress.com/blog/2022/04/20/videopress-take-3/ We promised you “more is coming” in our latest update—and now more is here. More features that make the finest video service for WordPress even more powerful. You can upload … Read more

Expanding High Impact Scenario Awards for Microsoft Bug Bounty Programs

Source: https://msrc-blog.microsoft.com/2022/04/14/expanding-high-impact-scenario-awards-for-microsoft-bug-bounty-programs/ We are excited to announce the addition of scenario-based bounty awards to the Dynamics 365 and Power Platform Bounty Program and M365 Bounty Program. Through these new scenario-based bounty awards, … Read more

Microsoft’s Response to CVE-2022-22965 Spring Framework

Source: https://msrc-blog.microsoft.com/2022/04/05/microsofts-response-to-cve-2022-22965-spring-framework/ Summary Microsoft used the Spring Framework RCE, Early Announcement to inform analysis of the remote code execution vulnerability, CVE-2022-22965, disclosed on 31 Mar 2022. We have not to date noted … Read more