All versions of an HTML editor used in several Microsoft properties, including ASP.NET, suffer from a high-risk cross-site scripting (XSS) vulnerability.
Browsing Category: Microsoft
While bounties have now become commonplace, simply offering one doesn’t guarantee any level of success for a vendor.
Microsoft today launched the Microsoft Online Services Bug Bounty Program which will pay out a minimum of $500 for vulnerabilities found in its cloud services such as Office 365.
Scott Charney, the head of Microsoft’s Trustworthy Computing efforts, said that he was the one who decided it was time to move the TwC group in a new direction and integrate the security functions more deeply into the company as a whole.
Dennis Fisher and Mike Mimoso talk abut the crazy news of the last couple of weeks, the Apple privacy and Apple Pay announcements, the details of the Home Depot breach and the end of the Microsoft Trustworthy Computing unit.
In a move that has surprised many in the security community, Microsoft has disbanded its Trustworthy Computing unit, the group that was responsible for the pioneering work that helped reverse the company’s security reputation and make Windows a much more secure and reliable computing platform. The end of the TwC group comes as Microsoft is in[...]
Microsoft patched a disclosure leak in Internet Explorer that revealed whether EMET or other antimalware protections were running on a compromised computer.
Home Depot finally confirmed its payment systems have been breached, but offered little further on whether customer personal data was stolen.
Microsoft announced four bulletins are scheduled for the September Patch Tuesday release, along with new research on public vulnerability disclosures.
Microsoft re-released MS14-045 today two weeks after pulling it from Windows Update because the patch was causing system crashes and blue screens of death.