Microsoft Security Blog

Microsoft Interflow: a new Security and Threat Information Exchange Platform 

Today, the Microsoft Security Response Center (MSRC) announced the private preview of Microsoft Interflow. This is a security and threat information exchange platform for cybersecurity analysts and researchers.

Interflow provides an automated machine-readable feed of threat and security information that can be shared across industries and community groups in near real-time. The platform provides this information using the open specifications STIX™ (Structured Threat Information eXpression), TAXII™ (Trusted Automated eXchange of Indicator Information), and CybOX™ (Cyber Observable eXpression). This enables Interflow to integrate, through a plug-in architecture, with existing operational and analytical tools that many organizations use. It has the potential to help reduce the cost of defense by automating processes that are currently performed manually.

You can get more information on Microsoft Interflow on the MSRC blog, as well as in the FAQ (http://technet.microsoft.com/en-us/security/dn726547) and at www.microsoft.com/interflow.

When Vulnerabilities are Exploited: the Timing of First Known Exploits for Remote Code Execution Vulnerabilities 

One of the questions I get asked from time to time is about the days of risk between the time that a vulnerability is disclosed and when we first see active exploitation of it; i.e., how long do organizations have to deploy the update before active attacks are going to happen? Trustworthy Computing’s Security Science team published new data that helps put the timing of exploitation into perspective, in the recently released Microsoft Security Intelligence Report volume 16.

The Security Science team studied exploits that emerged for the most severe vulnerabilities in Microsoft software between 2006 and 2013. The exploits studied were for vulnerabilities that enable remote code execution. The timing of the release of the first known exploit for each remote code execution vulnerability was examined and the results were put into three groups.

New Guidance for Securing Public Key Infrastructure 

Public Key Infrastructure (PKI) is used as a building block to provide key security controls, such as data protection and authentication for organizations. Many organizations operate their own PKI to support things like remote access, network authentication and securing communications.

The threat of compromise to IT infrastructures from attacks is evolving. The motivations behind these attacks are varied, and compromising an organization’s PKI can significantly help an attacker gain access to the sensitive data and systems they are after.

To help enterprises design PKI and protect it from emerging threats, Microsoft IT has released a detailed technical reference document, “Securing Public Key Infrastructure.”

5 ways to protect your Microsoft account 

Your Microsoft account (formerly your Windows Live ID) is the combination of an email address and a password that you use to sign in to services such as Xbox LIVE and Outlook.com, as well as devices such as Windows Phone and computers running Windows 8. A Microsoft account is free and you can use it […]

New Microsoft Threat Modeling Tool 2014 Now Available 

Today we’re announcing the release of the Microsoft Threat Modeling Tool 2014. This is the latest version of the free Security Development Lifecycle Threat Modeling Tool that was previously released back in 2011.

More and more of the customers I have been talking to have been leveraging threat modeling as a systematic way to find design-level security and privacy weaknesses in systems they are building and operating. Threat modeling is also used to help identify mitigations that can reduce the overall risk to a system and the data it processes. Once customers try threat modeling, they typically find it to be a useful addition to their approach to risk management.

We have been threat modeling at Microsoft for more than 10 years. It is a key piece of the design phase of the Microsoft Security Development Lifecycle (SDL). In 2011 we released the SDL Threat Modeling Tool, free of charge, to make it easier for customers and partners to threat model as part of their software development processes. The tool has been very popular and we have received a lot of positive customer feedback in addition to suggestions for improvement.

Adware: A new approach 

Protecting the modern workplace from a wide range of undesirable software

Our evaluation criteria describe the characteristics and behavior of malware and potentially unwanted applications and guide the proper identification of threats. Learn how we classify malicious software, unwanted software, and potentially unwanted applications. Read the blog post.

Here at the Microsoft Malware Protection Center […]

Reliability Series #1: Reliability vs. resilience 

Whenever I speak to customers and partners about reliability I’m reminded that while objectives and priorities differ between organizations and customers, at the end of the day, everyone wants their service to work. As a customer, you want to be able to do things online, at a time convenient to you. As an organization – […]

Enterprise Threat Encounters: Scenarios and Recommendations – Part 1 

Many of the IT Professionals that contact our customer service and support group have common questions related to security incidents and are seeking guidance on how to mitigate threats from determined adversaries. Given the level of interest in this information and common scenarios that exist amongst different organizations, we are publishing a multi-part series which will detail common security incidents organizations face and provide recommended mitigations based on guidance from our Security Support team.

It is important to note that each phase has one or more technical and, more importantly, administrative controls that could have been used to block or slow down the attack. These mitigations are listed after each phase. Each mitigation addresses specific behaviors and attack vectors that have been seen previously in multiple security incidents.

Detect and remove spyware 

Spyware is a general term used to describe software that performs certain actions—generally without appropriately obtaining your consent—such as advertising, collecting personal information, and changing the configuration of your computer. If your computer is running Windows 8, you can use the built-in Windows Defender to help you detect and get rid of spyware and other malware. If your […]