Security ResponseVerified account

@msftsecresponse

We are the Microsoft Security Response Center. To report security vulnerabilities or abuse in Microsoft products, visit .

Redmond
msrc-blog.microsoft.com
Joined February 2010
77 Photos and videos Photos and videos

Tweets

You blocked @msftsecresponse

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @msftsecresponse

  1. Pinned Tweet
    31 Oct 2018

    We use PGP to sign security notifications and encourage you to use our key when sending vulnerability reports to secure@microsoft.com. We've just updated the MSRC PGP key; the most recent version is always here:

    6 replies 58 retweets 133 likes
    Undo
  2. Dec 13

    Important steps for customers to protect themselves from recent nation-state cyberattacks.

    123 retweets 190 likes
    Undo
  3. Dec 8

    Security Updates for December 2020 are now available!. Details are here: - See the latest on the new Security Update Guide on our blog:

    3 replies 29 retweets 38 likes
    Undo
  4. Nov 10

    The November 2020 Security Updates are now online at . Adapting to the new SUG format? See our blog detailing the benefits of the new layout here:

    7 replies 24 retweets 36 likes
    Undo
  5. Nov 9

    With the launch of the new version of the Security Update Guide, we demonstrate our commitment to industry standards by describing vulnerabilities with the Common Vulnerability Scoring System (CVSS). See how moving to this model benefits you on our blog:

    3 replies 23 retweets 62 likes
    Undo
  6. Nov 5

    We are very excited to officially migrate to our new and improved Security Update Guide! offers a flexible, modern UX to help you more easily get the latest info on Microsoft security patches. For more details, please read our blog

    13 retweets 54 likes
    Undo
  7. Oct 29

    Reminder to all our Windows customers to deploy at least the August 2020 update or later and follow the original, published guidance to fully resolve the vulnerability, CVE-2020-1472. For further information, see our blog post:

    6 replies 77 retweets 131 likes
    Undo
  8. Oct 15

    Congrats to all researchers recognized in the MSRC Security Researcher Leaderboard for 2020 Q3! Check out our blog post for the full list of top researchers this quarter:

    3 replies 24 retweets 50 likes
    Undo
  9. Oct 14

    In case you missed it, check out the analysis of CHERI ISA by , and :

    11 retweets 26 likes
    Undo
  10. Oct 13

    Security Updates for October 2020 are now online. For all details, please see for the latest details.

    22 retweets 34 likes
    Undo
  11. Retweeted
    Oct 6

    Our researchers have been hard at work finding vulnerabilities as part of 's Azure Sphere challenge. In all, we've reported 16 bugs. You can find all of them here along with Snort coverage

    1 reply 15 retweets 31 likes
    Undo
  12. Retweeted
    Oct 6

    Here's our quick summary blog on the Azure Sphere bug bounty program. We're donating nearly $170k to some of the most important charities we could imagine.

    22 retweets 27 likes
    Undo
  13. Oct 6

    We are excited to share the result of the 3-month Azure Sphere Security Research Challenge: researchers surfaced 20 Critical and Important severity security vulnerabilities, with Microsoft awarding $374,300 for 16 bounty eligible reports. More in our blog:

    17 retweets 50 likes
    Undo
  14. Sep 28

    We have updated the KB article for CVE-2020-1472 to provide clarity on customers actions to ensure they are protected. See details here:

    2 replies 42 retweets 81 likes
    Undo
  15. Sep 28

    ICYMI: Last week MSRC’s Lisa Olson took a look at the evolution of , ’s role as a CVE Numbering Authority () and how that work has grown in recent years. See where came from and where it’s headed in her piece on the MITRE blog:

    CVE BLOG: “Our CVE Story: Ancient History of the CVE Program – Did the Microsoft Security Response Center have Precognition?” by Lisa Olson, CVE Board Member
    4 retweets 8 likes
    Undo
  16. Retweeted
    Sep 22

    An additional shout out to excellent contributions also from , @byxiaoD, and ! A difficult and close competition with last-hours leaderboard changes. I look forward to the public writeups detailing your approaches! Congrats and thank you to all!

    5 retweets 14 likes
    Show this thread
    Show this thread
    Undo
  17. Retweeted
    Sep 22

    For the attacker challenge: (1) `reevesrs24` from Ryan Reeves, with a perfect score, using only 723 API queries (4.82 queries/sample) (2) `needforspeed` again from and at , ALSO with a perfect score, using 741 API queries (4.94 q/s)

    1 reply 6 retweets 12 likes
    Show this thread
    Show this thread
    Undo
  18. Retweeted
    Sep 22

    For the defender challenge: (1) `domumpbq` from 's student team (Erwin, Lukas, Daniel) at , who fended off 69% of evasion attempts!! (2) `needforspeed` from and at , who fended off 51% of attempts

    3 replies 10 retweets 12 likes
    Show this thread
    Show this thread
    Undo
  19. Retweeted
    Sep 22

    Announcing winners of the ML Security Evasion Competition 🥁🥁🥁🥁🥁🥁🥁🥁 cc: , , ,

    1 reply 17 retweets 39 likes
    Show this thread
    Show this thread
    Undo
  20. Sep 21

    Today we are announcing the new version of the Microsoft Security Update Guide. Find out more about it here: .

    5 replies 62 retweets 88 likes
    Undo
  21. Sep 21

    Hey Researchers! Check out our latest blog post explaining what to expect at each stage of the Microsoft vulnerability submission process.

    1 reply 22 retweets 48 likes
    Undo

@msftsecresponse hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·