The Internet Bug Bounty, sponsored by Microsoft and Facebook, rewards researchers who find vulnerabilities in any of a dozen core Internet technologies.
Browsing Tag: Microsoft
Attackers exploiting the Microsoft Windows and Office zero day revealed yesterday are using an exploit that includes a malicious RAR file as well as a fake Office document as the lure, and are installing a wide variety of malicious components on newly infected systems. The attacks seen thus far are mainly centered in Pakistan.
Microsoft is warning users about targeted attacks against a new vulnerability in several versions of Windows and Office that could allow an attacker to take over a user’s machine. The bug, which is not yet patched, is being used as part of targeted attacks with malicious email attachments, mainly in the Middle East and Asia.[…]
Microsoft is expanding its bug bounty program to open up payments of up to $100,000 to incident response teams and forensics experts who come across active attacks in the wild.
Dennis Fisher talks with Katie Moussouris of Microsoft about her childhood exploits with Commodore 64 programming, ignoring her Barbies, growing up as a hacker, her days as a pen tester and the challenges of working on security at Microsoft.
Microsoft is warning Windows XP users that once the operating system is no longer supported as of next April, their chances of being infected by malware will rise significantly.
James Forshaw generally prefers finding bugs in code logic than memory corruption issues, but he admits he was incentivized by Microsoft’s $100,000 mitigation-bypass bounty.
Eight bulletins and 28 vulnerabilities, including two Internet Explorer zero days, are addressed by Microsoft’s October Patch Tuesday update.
Microsoft has announced that it plans to release eight patches next week as part of October’s Patch Tuesday release, addressing flaws in its Windows, Internet Explorer, .NET Framework, Office, Server and Silverlight software.
Guest contributor Andrew Storms reflects on a decade of Patch Tuesday. The Microsoft initiative turns 10 next week.