Microsoft Offensive Research & Security Engineering (MORSE), Author at Microsoft Security Blog

A female architect sitting at an office desk showing Windows 365 and its Welcome screen on dual desktop monitors. Shown on Windows 11.

Jan 26, 2023

16 min read

Introducing kernel sanitizers on Microsoft platforms

We share technical details of our work on the AddressSanitizer (ASAN) and how it contributes to durably improving software quality and security at Microsoft.

A nurse is holding Surface Go 3 in a ruggedized case.

Mar 14, 2022

5 min read

Secure your healthcare devices with Microsoft Defender for IoT and HCL’s CARE

Recently, Microsoft and global technology services firm HCL Technologies teamed up to help solve the security challenge with a high-performance solution for medical devices. The result is a new reference architecture and platform for building secure medical devices and services based on HCL's CARE, Microsoft Defender for IoT and Azure IoT.

Man sitting at a desk viewing Power BI and Welcome Screen within Windows 365.

Dec 8, 2021

6 min read

Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center

Windows 10 and Windows 11 have continued to raise the security bar for drivers running in the kernel. Kernel-mode driver publishers must pass the hardware lab kit (HLK) compatibility tests, malware scanning, and prove their identity through extended validation (EV) certificates.

Horizontal format of an attract image of Surface Pro 7+ in laptop mode with black typepad on a desk. Windows 11 screen shown.

Oct 4, 2021

4 min read

Windows 11 offers chip to cloud protection to meet the new security challenges of hybrid work

As the world has changed over the past 18-months, companies have been wrestling with ways to keep employees and data protected as they support new ways of hybrid working. We built Windows 11 to be the most secure Windows yet with built-in chip to cloud protection that ensures company assets stay secure no matter where work happens.

Adult female sitting at a desk, holding a Microsoft Slim Pen 2 while looking onto a platinum Surface Laptop Studio in stage mode.

Sep 29, 2021

3 min read

Defend against zero-day exploits with Microsoft Defender Application Guard

Zero-day security vulnerabilities are like gold to attackers. With zero-days, or even zero-hours, developers have no time to patch the code, giving hackers enough access and time to explore and map internal networks, exfiltrate valuable data, and find other attack vectors.

Sep 2, 2021

9 min read

A deep-dive into the SolarWinds Serv-U SSH vulnerability

We're sharing technical information about the vulnerability tracked as CVE-2021-35211, which was used to attack the SolarWinds Serv-U FTP software in limited and targeted attacks.

Jun 14, 2018

10 min read

Building Zero Trust networks with Microsoft 365

Zero Trust networks eliminate the concept of trust based on network location within a perimeter.

Microsoft Offensive Research & Security Engineering (MORSE) Posts