Archives
-
サポート終了後の Windows XP、マルウェア対策ソフトが動いていれば安心?
-
Protection metrics – November results
In our October results, we talked about a trio of families related to Win32/Sefnit. Our November results showed progress against Sefnit and the installers and downloaders of Sefnit (Win32/Rotbrow and Win32/Brantall). In comparison to September, active Sefnit infections have been reduced by 82 percent. As with prior months, our rate of incorrect detections also remained low and performance stayed consistent.
-
Turkey: Understanding high malware encounter rates in SIRv15
In our most recent version of the Security Intelligence Report (SIRv15), we compared the encounter rates of malware categories for the top 10 countries with computers reporting the most detections in 2Q13. Amongst these countries, Turkey stood out with considerably high encounter rates in multiple categories. Encounter rate is the percentage of computers in a country that reported at least one detection of malware.
-
Summering 2013
Jul och nyår står för dörren och det är dags att blicka tillbaka på året som passerat. För mig personligen är 2013 det första hela året jag arbetade på Microsoft och det har varit otroligt intensivt och roligt. Jag imponeras ständigt av våra kunniga medarbetare, smarta tjänster och snygga enheter.
-
休暇中に被害に遭わないために ~お休み前のセキュリティ チェック
今年の年末年始は大型休暇になる方もいらっしゃるのではないでしょうか。
-
Updates: Coreinfo v3.21, Disk2vhd v2.0, LiveKd v5.31
Coreinfo v3.21: CoreInfo is a command-line tool for reporting processor topology, NUMA performance, and processor features. The v3.21 release adds microcode reporting.
-
Windows 8-spel till julledigheten
Med spel från G5 Entertainment till Windows 8/8.1 kan hela familjen ta en välbehövlig paus från julstressen. Bygg din drömstad, lös mysterium i förtrollade tavlor eller spela klassiska Mahjong. Oavsett vad som lockar just dig bjuds du på mystik, äventyr och hjärngympa.
- G5 Entertainment har många spel till Windows 8 som passar hela familjen och är perfekta att spela under julledigheten. Med brädspel, pussel, problemlösande under tidspress och äventyr har G5 spel som passar alla, säger Larissa Corcoran, marknadschef på G5 Entertainment
Lost Souls: Enchanted Paintings
Bellas liv omkullkastas när en mystisk tavla helt plötsligt står utanför hennes dag. Samma dag försvinner hennes son spårlöst. I Lost Souls: Enchanted Paintings följer du med Bella på ett magiskt äventyr genom förtrollade tavlor och för arbeta med hjärnan för att lösa spelets pusselliknande problem.
Pris: Gratis
Ladda hem Enchanted Paintings här
Virtual City Playground
I Virtual City Playground får du möjlighet att bygga din drömstad. Och sen är det upp till dig att driva staden. Det innebär att det är du som ska se till att det finns en fungerande kollektivtrafik, att soporna hämtas och att sjukvården fungerar. Det är helt enkelt upp till dig att se till att invånarna trivs i din stad.
Pris: Gratis
Ladda hem Virtual City Playground här
Mahjong Artifacts
Ta en paus från julstressen och låt Mahjong Artifacts atmosfär från antika civilisationer lugna ner dig. Spelet ger dig bonuspoäng beroende på hur skickligt du löser de olika spelplanerna, du kan även samla troféer för olika prestationer. Spelet innehåller även olika twists i form av specialbrickor som erbjuder dig nya förutsättningar att lösa problemen som du ställs för.
Pris: 55,00 SEK
Ladda hem Mahjong Artifacts här -
2013 年マイクロソフトのセキュリティ情報まとめ
皆さん、こんにちは!関東地方では、雪が降るとの予報がでていますが、今日はとても寒いです。仕事も私生活もイベントが多く何かと忙しい時期でもありますので、体調管理には十分ご注意くださいね。さて、今回は、今年最後の月例セキュリティ情報の公開が終わりましたので、簡単ではありますが振り返りをしたいと思います。
-
Office 365 hjälper Coop sänka kostnaderna
Låga matpriser och hållbar miljö är två viktiga ingredienser i Coops affärsidé. För att uppnå dessa mål har man tagit Microsofts Office 365 till hjälp. Utrullningen skedde just före sommaren och har redan gett resultat.
-
Predictions for 2014 and the December 2013 Security Bulletin Webcast, Q&A, and Slide Deck
Today we’re publishing the December 2013 Security Bulletin Webcast Questions & Answers page. We answered 17 questions in total, with the majority of questions focusing on the Graphics Component bulletin (MS13-096), Security Advisory 2915720 and Security Advisory 2905247.
-
SVT Nyheter till Windows Phone 8
I förra veckan lanserades appen SVT Nyheter till Windows Phone 8. Appen är ett snabbt och enkelt sätt att hålla sig uppdaterad med de senaste nyhetsartiklarna, tv-inslagen och livesändningar från SVT´s nyhetsbevakning.
-
Be a real security pro - Keep your private keys private
One of the many unusual characteristics of the Stuxnet malware that was discovered in 2010 was that its files were distributed with a valid digital signature, created using authentication credentials that belonged to two unrelated legitimate software companies. Normally the signature would verify that the program was issued by the company listed in the signing certificate, and that the contents of the program had not been tampered with since it was signed. By using other companies’ authentication credentials to sign their own files, malware distributors are able to make it appear that their files have come from a more trustworthy source.
-
BI-lösning i SQL Server ger Boxer lojala kunder
Konkurrensen på TV-marknaden ökar ständigt. Bara under de senaste två åren har den skruvats upp av nya film- och playtjänster på internet. Det är viktigt att få nya kunder, men kanske ännu viktigare att behålla de man redan har. För att möta konkurrensen förbättrar Boxer TV-Access sin kundkommunikation med hjälp av artificiell intelligens och en beslutsstödslösning byggd av Random Forest på Microsoft SQL Server Enterprise 2012.
-
Cloud OS Network: Tieto och Microsoft stärker sitt samarbete
Tieto går med i Microsofts Cloud OS Network för att ytterligare utveckla tjänsterna i Tieto Productivity Cloud, som erbjuds i de nordiska länderna. Cloud OS Network är ett globalt konsortium bestående av molntjänstleverantörer som har tagit till sig Microsoft Cloud OS-visionen. Dessa organisationer erbjuder lösningar för infrastruktur och produktivitetstjänster som baseras på Microsoft validerade plattform utformad för att uppfylla företagens affärsbehov. Avtalet gör det möjligt för Tieto att fortsätta utveckla lösningar på Microsofts molnplattform.
-
Microsoft Cloud OS Network lanseras idag
Idag lanseras Microsoft Cloud OS Network, ett globalt konsortium av mer än 25 molntjänsteleverantörer som tillhandahåller tjänster som bygger på Microsoft Cloud Platform: Windows Server med Hyper-V, System Center och Windows Azure Pack.
-
Telecomputing går med i Microsoft Cloud OS Network
Telecomputing meddelar idag att de går med i det globala molninitiativet Microsoft Cloud OS Network, för att erbjuda ökad produktivitet och flexibilitet. Microsoft Cloud OS Network har många molntjänstleverantörer anslutna över hela världen och Telecomputing är en av de första i Sverige att ansluta sig till nätverket. Alliansen gör det möjligt för Telecomputing att kombinera sina lokala produkter och tjänster med Microsofts molnplattform, vilket ger nordiska kunder hög flexibilitet och lösningar som är anpassade efter deras behov.
-
2013 年 12 月のセキュリティ更新プログラムのリスク評価
本記事は、Security Research & Defense のブログ “Assessing risk for the December 2013 security updates” (2013 年 12 月 10 日公開) を翻訳した記事です。
-
Enkelt att byta från Gmail till Outlook.com
Nu gör Microsoft det enklare än någonsin att byta från Gmail till Outlook.com. Den nya tjänsten hjälper dig att importera ditt Gmail-konto med alla dina mail och kontakter till Outlook.com.
När du ansluter ditt Gmail-konto kommer tjänsten att importera alla dina mail till din inbox på Outlook.com, strukturen på din inbox och läst/oläst-statusen kommer att bevaras. Även alla dina kontakter kommer automatiskt att finnas i Outlook.com. Om du vill kan du fortsätta att skicka dina mail från din @gmail.com-adress, direkt från Outlook.com.
Outlook.com har över 400 miljoner aktiva användare och är en modern mailtjänst som är anpassad att fungera lika bra med mus och tangentbord som på pekskärm. Med Outlook.com kan du enkelt chatta med dina vänner på Facebook och Google, du får tillgång till 7GB molnlagring på SkyDrive och kan använda Office webbappar, som till exempel Word och Excel.
Det är enkelt att byta från Gmail till Outlook.com -
Pennybridge förenklar välgörenhet med .net
Att utveckla en egen plattformslösning skulle ta för lång tid tyckte insamlingsföretaget Pennybridge. Valet föll på .net – ett ramverk med kort utvecklingstid.
-
2013 年 12 月のセキュリティ情報 (月例) - MS13-096~MS13-106
2013 年 12 月 11日 (日本時間)、マイクロソフトは計 11 件 (緊急 5 件、重要 6 件) の新規セキュリティ情報を公開しました。新規セキュリティ情報を公開すると共に、新規のセキュリティアドバイザリ 3 件の公開、既存のセキュリティ アドバイザリ 2 件の更新を行いました。なお、今月の「悪意のあるソフトウェアの削除ツール」では、新たに確認した 1 種類のマルウェアに対応しています。
-
Omphaloskepsis and the December 2013 Security Update Release
There are times when we get too close to a topic. We familiarize ourselves with every aspect and nuance, but fail to recognize not everyone else has done the same. Whether you consider this myopia, navel-gazing, or human nature, the effect is the same. I recognized this during the recent webcast when someone asked the question – “What’s the difference between a security advisory and a security bulletin?” The answer was simple to me, as I’ve been doing this for years, but the question was valid and it reminded me that not every person on the planet knows all of the ins and outs of Update Tuesday.
-
Rotbrow: the Sefnit distributor
This month's addition to the Microsoft Malicious Software Removal Tool is a family that is both old and new. Win32/Rotbrow existed as far back as 2011, but the first time we saw it used for malicious purposes was only in the past few months.
-
SQL Server 2014 Hybrid Cloud Scenarios: Migrating On-Premises SQL Server to Windows Azure Virtual Machines
Those of you who have tried the new version of SQL Server Management Studio might have noticed already that it has a couple of new wizards added. One of those wizards is sitting next to the already existing that has been allowing you to deploy to a Windows Azure SQL Database service (former SQL Azure) and it is called Deploy Database to a Windows Azure Virtual Machine (VM).
-
Microsoft och Inet i nytt samarbete om Windows 8
Microsoft och Inet inleder ett samarbete för att i Inets butiker praktiskt visa besökarna hur ekosystemet runt Windows 8 kan användas i hemmen.
– Vi är stolta över att samarbeta med ett av världens största IT-företag, både kunskapsmässigt och produktmässigt, och glada över att ge våra kunder möjlighet att uppleva det allra senaste, säger Johan Wahlberg, marknadschef för Inet. -
セキュリティ アドバイザリ 2916652「不正なデジタル証明書により、なりすましが行われる」を公開
[2013/12/13 追記]
-
Security Advisory 2916652 released, Certificate Trust List updated
Microsoft is updating the Certificate Trust List (CTL) for all supported releases of Microsoft Windows to remove the trust of a mis-issued third-party digital certificate, which could be used to spoof content and perform phishing or man-in-the-middle attacks against web properties. With this action, customers will be automatically be protected against this issue. Additionally, the Enhanced Mitigation Experience Toolkit (EMET) 4.0 and newer versions help mitigate man-in-the-middle attacks by detecting untrusted or improperly issued SSL certificates through the Certificate Trust feature.
-
Första pris för Nobelprisets skalbara hemsida
Varje år vid denna tid riktas världens ögon mot Sverige, när Nobelpriset delas ut till ledande personer som förändrar världen till det bättre. När de prestigefyllda pristagarna tillkännages i oktober och när de får sina priser i december märks en 100-faldig ökning av besökare på www.nobelprize.org med trafik på upp till tre miljoner träffar på bara en vecka.
-
Microsoft omorganiserar och stärker sitt nordiska annonserbjudande
Microsoft Advertising har skapat en ny nordisk organisation för att möta den ökande efterfrågan från annonsörer och mediebyråer som planerar kampanjer. Syftet är att göra det enklare och mer effektivt för annonsköpare att nå en köpstark målgrupp via Microsofts attraktiva kanaler på lokal och nordisk nivå.
Internetanvändare interagerar allt mer med varumärken som engagerar och underhåller dem i relevanta och avskalade miljöer på olika plattformar. Med de nya organisationen möter Microsoft Advertising annonsörernas och byråernas behov att kunna köpa nordiska kampanjer på ett enklare och mer effektivt sätt. Den nya nordiska organisationen kommer ha kontor i Stockholm, Köpenhamn, Oslo, och Helsingfors.
- Vi vill göra det enklare och effektivare för våra annonsköpare att på ett relevant sätt bygga relationer med våra användare. Därför skapar vi en nordisk organisation där vi kan erbjuda attraktiva lösningar, lokalt och nordiskt, med en total räckvidd på över 10,8 miljoner säger Ulrik Krag, nyligen tillträdd chef för Microsoft Advertising i Norden.
Rikard Bildsten, tillträdde som ny Sverigechef för Microsoft Advertising i början av november efter olika roller inom Microsoft Advertising, är väldigt positiv till den nordiska omorganisationen.
- Jag ser verkligen fram emot att leda vårt säljteam under en spännande period. Vi erbjuder nya och kraftfulla annonslösningar inom både Skype, MSN, Xbox och Outlook.com. Det är särskilt roligt att vår nya e-postprodukt Outlook.com är så populär bland användarna säger Rikard Bildsten, Sverigechef på Microsoft Advertising.
Nettoräckvidden i Microsoft Advertising nordiska produktportfölj är hela 10,8 miljoner användare (Comscore, augusti 2013). Annonsörer och partners når användare på engagerande, relevanta och värdefulla sätt genom personlig kommunikation på Skype, underhållning och nyheter på MSN, spel, TV och video på Xbox, personliga email i Outlook.com samt sökningar på Bing – upplevelser som sammanvävs och förstärks genom Windows 8. -
2013 年 12 月 11 日のセキュリティ リリース予定 (月例)
2013 年 12 月の月例セキュリティ リリースの事前通知を公開しました。
2013 年 12 月 11 日に公開を予定している新規月例セキュリティ情報は、合計 11 件 (緊急 5 件、重要 6 件) です。 -
Advance Notification Service for December 2013 Security Bulletin Release
Today we’re providing advance notification for the release of 11 bulletins, five Critical and six Important, for December 2013. The Critical updates address vulnerabilities in Internet Explorer, Windows, Microsoft Exchange and GDI+. The Critical update for GDI+ fully addresses the publicly disclosed issue described in Security Advisory 2896666.
-
Ökat skydd mot övervakning i Microsofts tjänster
Microsoft vidtar åtgärder för att ytterligare säkra sina användares information från övervakning. Förstärkt kryptering av flera tjänster, förstärkta rättsliga riktlinjer och ökad transparens i koden kommer att implementeras under 2014.
- Vi vill att alla våra kunder ska känna sig trygga när de väljer våra tjänster och lösningar. Genom de här förbättringarna förstärker vi både integritetsskyddet och säkerheten säger Daniel Akenine, nationell teknikchef för Microsoft Sverige
Förstärkt kryptering
Microsofts produkter och tjänster är redan krypterade för att skydda användarna. Nu tar vi ytterligare åtgärder för att förstärka och förbättra krypteringen för tjänster som Outlook.com, Office 365, SkyDrive och Windows Azure.
Innehåll som skickas mellan användare och Microsoft, eller innehåll som skickas mellan våra datacenter kommer att krypteras som standard för att skydda informationen från övervakning och olaglig datainsamling. Bland annat kommer vi använda oss av metoder som Perfect Forward Secrecy och 2048-bitats nyckellängd.
Förstärkta rättsliga riktlinjer
Microsoft kommer även i fortsättningen att arbeta efter tydliga rättsliga riktlinjer när det handlar om att lämna ut information om företag och myndigheter som använder Microsofts tjänster. Vi strävar alltid efter att meddela det berörda företaget eller myndigheten när vi mottagit en ansökan om att lämna ut information. I de fall där vi åläggs med munkavel för att inte kunna göra detta kommer vi ta ärendet till domstol för att få ett beslut.
Microsofts ståndpunkt är att brottsbekämpande organ kan gå direkt till företaget eller myndigheten i fråga och begära ut informationen, precis som de gjorde innan informationen flyttades till molnet.
Transparens i koden
Microsoft kommer öppna nya center för kodgranskning och utbildning där vi kommer erbjuda statliga kunder en ökad transparens till vår källkod. Detta för att de själva ska kunna kontrollera integriteten och säkerställa att det inte finns några dolda bakdörrar i systemet.
Mer information finns på Microsoft bloggen
För mer information kontakta
Daniel Akenine, nationell teknikchef på Microsoft Sverige
daniel.akenine@microsoft.com
073-408 31 36 -
Microsoft har Sveriges snyggaste kontor
Igår, den 28 november, hade Microsofts fastighetschef Lotta Bergius det stora nöjet att ta emot priset för Sveriges Snyggaste Kontor 2013, på en prisutdelningsceremoni på Oscarsteatern i Stockholm. Priset består av, förutom äran och uppmärksamheten, en skulptur av Ernst Billgren som nu står i Microsofts reception.
Tidigare i år blev Microsoft Sverige utnämnt till Sveriges bästa arbetsplats av Great Place To Work. Båda dessa pris är tillsammans en bekräftelse på att vi tänker rätt, inte bara när det gäller tekniken, utan även när det de övriga två delarna - platsen och personerna – som krävs för framgångsrika förändringsprojekt. -
より安全性の高い暗号方式を利用しましょう
こんにちは、村木ゆりかです。
-
セキュリティ アドバイザリ 2914486「Microsoft Windows カーネルの脆弱性により、特権が昇格される」を公開
2013 年 11 月 28 日、セキュリティ アドバイザリ 2914486「Microsoft Windows カーネルの脆弱性により、特権が昇格される」を公開しました。
-
Microsoft Releases Security Advisory 2914486
Today we released Security Advisory 2914486 regarding a local elevation of privilege (EoP) issue that affects customers using Microsoft Windows XP and Server 2003. Windows Vista and later are not affected by this local EoP issue. A member of the Microsoft Active Protections Program (MAPP) found this issue being used on systems compromised by a third-party remote code execution vulnerability. These limited, targeted attacks require users to open a malicious PDF file. The issues described by the advisory cannot be used to gain access to a remote system alone.
-
Our protection metrics – October results
Last month we introduced our monthly protection metrics and talked about our September results. Today, we’d like to talk about our results from October. If you want a refresh on the definition of the metrics we use in our monthly results, see our prior post: Our protection metrics – September results.
-
Security and policy surrounding bring your own devices (BYOD)
As the proliferation of devices continues to capture the imagination of consumers, and has ignited what is referred to as bring your own device (BYOD) revolution, many IT departments across the globe are now facing increased security considerations. While organizations encourage BYOD for cost savings and productivity, it is also important to have robust security policies supporting BYOD.
-
Boosting Transaction Performance in Windows Azure Virtual Machines with In-Memory OLTP
With the release of SQL Server 2014 CTP2, you can now significantly boost the performance of your OLTP workloads in Windows Azure Virtual Machines. By creating a new VM with our preloaded image of SQL Server 2014 CTP2 on Windows Server 2012 R2, or installing SQL Server 2014 CTP2 on your VM, In-Memory OLTP functionalities are immediately available to you. This blog post provides a good guide on how to create a Windows Azure VM.
-
Two SQL Server Jump Starts, Live on December 3rd and 4th
If you haven’t yet, be sure to check out the SQL Server 2014 CTP2? Essentially feature complete, this second public community technical preview enables you to try and test all of the capabilities of the full SQL Server 2014 release. To help get you trained on the new capabilities, Microsoft Virtual Academy (MVA) has two lively, demo filled events planned. First on December 3rd, Mission Critical Performance with SQL Server 2014 will show how SQL Server 2014 will help you improve performance speed by 10-30 times, using your current hardware. And you’ll improve reliability at the same time. Then on December 4th, we’ll cover the benefits of moving your organization to the cloud, and how that can provide cost benefits at the same time as increasing scale and flexibility. Microsoft experts will demonstrate how you can make that move one step at a time, using SQL Server 2014 to create a hybrid environment.
-
The Modern Data Warehouse
In recent surveys by TDWI Research, roughly half of respondents report that they will replace their primary data warehouse (DW) platform and/or analytic tools within three years. Ripping out and replacing a DW or analytics platform is expensive for IT budgets and intrusive for business users. This raises the question: What circumstances would lead so many people down such a dramatic path?
-
Molnsatsning lyfter SATS
En aggressiv molnstrategi med tyngdpunkt på produkter från Microsoft ger träningskedjan SATS en bättre IT-miljö. Därmed underlättas företagets fortsatta expansion samtidigt som kunderna erbjuds bättre service.
-
Industridesigners möjliggör för fler att jobba hemma
Microsoft som under två år drivit initiativet Jobba hemma-dagen tar nu hjälp av tre inspiratörer för att lösa problem och utmaningar med att jobba utanför kontoret.
-
MAPP の新しいイニシアティブ
本記事は、BlueHat のブログ “New MAPP Initiatives” (2013 年 7 月 29 日公開) を翻訳した記事です。
-
Carberp-based trojan attacking SAP
Recently there has been quite a bit of buzz about an information-stealing trojan that was found to be targeting the logon client for SAP. We detect this trojan as TrojanSpy:Win32/Gamker.A.
-
Evolving your SQL Server Data Warehouse to the Next Generation, High Performance Solution, the SQL Server Parallel Data Warehouse (PDW)
Last week, we highlighted a whitepaper that focused on the performance benefits of SQL Server PDW and how it differs from traditional SQL Server. We’ve seen many SQL Server customers evolve to this latest PDW as their next generation platform for their data warehouse infrastructure for many of the reasons noted in that whitepaper and this week, we want to follow-up on that by sharing our guide for how to migrate from a traditional data warehouse to PDW.
-
Windows Phone 8 växer med Instagram
Nu finns Instagram och Waze till Windows Phone 8. Apparna är bara två i raden av de nu över 190 000 apparna i Windows Phone Store.
- Instagram är den mest sökta appen till Windows Phone 8, så självklart känns det fantastiskt roligt att våra användare idag kan ladda hem den. Det är verkligen ett styrkebesked att allt fler utvecklare satsar på Windows Phone 8, dagligen utökas utbudet med nästan 500 appar, säger Anna Ström, affärsområdeschef för Windows Phone på Microsoft i Sverige -
Swedavias flygplatsapp för Windows Phone 8 och Windows 8
Nu lanseras Swedavias flygplatsapp även för Windows Phone 8 och Windows 8. I appen får resenärerna tillgång till en rad ”on the go” funktioner förknippade med resan. Resenärerna får enkelt information om ankomst- och avgångstider i realtid såväl som gate- och boardingtime. Nu går det också att snabbt ta reda på ankomsttiden för bagaget.
-
Karlstad utsedd till Sveriges IT-kommun 2013
När Microsofts Marie Ygge delade ut priset Sveriges IT-kommun 2013 var det Karlstad Kommun som tog hem segern, för sitt framgångsrika arbete med att utveckla och förbättra kommunens verksamheter och service med hjälp av IT. Priset delades ut under Kvalitetsmässans invigningsgala på GöteborgsOperan igårkväll .
-
Microsoft utser årets partner 2013
I går hölls Microsofts årliga partnerevent på Folkets Hus i Stockholm och dagens höjdpunkt var när årets partner 2013 utsågs. De priser som delas ut av Microsoft är uppdelade i åtta kategorier, och vinnarna har tagits fram bland Microsofts närmare 4 000 samarbetspartner i Sverige. Grattis till alla vinnande partner!
Årets Cloud Partner: Avanade Sweden AB -
Backup the best defense against (Cri)locked files
Crilock – also known as CryptoLocker – is one notorious ransomware that’s been making the rounds since early September. Its primary payload is to target and encrypt your files, such as your pictures and Office documents. All of the file types that can be encrypted are listed in our Trojan:Win32/Crilock.A and Trojan:Win32/Crilock.B descriptions.
-
Microsoft Next: Välkommen till Microsofts huvudkontor 27-28 november
Den 27-28 november bjuder vi in dig till vår hemmaplan med tvådagarskonferensen Microsoft Next. Ny teknik förändrar hur vi jobbar och utmanar våra tankesätt. Vilken roll får kontoret när vi inte längre behöver vara där? Vad kommer morgondagens medarbetare att kräva av sin arbetsgivare? Det Nya Arbetslivet handlar lika mycket om ledarskap och kultur som de tekniska lösningarna.
-
Norrtäljeskola en av 80 skolor i världen att utses till mentorskola
Som en av 80 skolor i världen, och som enda svenska skola, utses Rodengymnasiet i Norrtälje kommun till mentorsskola i Microsofts internationella utbildningssatsning.- Rodengymnasiet använder inte bara teknik i skolan på ett innovativt sätt. De har också fått utmärkelsen för sin passion för innovativt lärande och för att man på ett föredömligt sätt på ett strategiskt vis bygger hållbar skolutveckling i vardagen, säger Eva Pethrus, ansvarig för Partnerskap i Lärande på Microsoft.- Vi är mycket glada över utmärkelsen! Våra duktiga lärare har alla hjälpts åt för att göra detta möjligt, säger Katarina Björk, rektor på Rodengymnasiet.Utnämningen innebär att lärare, elever och skolledare på Rodengymnasiet kommer att delta i internationella nätverk och kompetensutveckling som Microsoft anordnar. De får bland annat en inbjudan till Microsofts utbildningsforum i Barcelona i mars, för att dela med sig av sina lärdomar och inspireras av andra.Microsoft har utsett 80 mentorsskolor som representerar ledarskap och innovation i klassrummet, och som är fast beslutna att förbereda eleverna för 21st Century Learning. 250 mentorsskolor var nominerade från 75 länder.Ytterligare information om Microsofts syn på utbildning och vad som görs för att stötta lärande runtom i världen finns i Anthony Salcitos blogginlägg.Kontakt:Katarina BjörkRektor, Rodengymnasiet0176-717 64 -
Varför jobbar inte du hemma idag?
Det var precis vad vi frågade stockholmarna i morgonrusningen! Som en start på nedräkningen till nästa års Jobba hemma dag ville vi ta del av stockholmarnas tankar kring att jobba hemma. Sedan bad vi våra främsta experter ge sina bästa råd hur man kan lösa de utmaningar som uppstår med hemmaarbete.
-
Golfanläggningar lyfter med molnet
Golfservices Norden arbetar sedan starten 2011 med att ge golfanläggningar nöjdare medlemmar samt att öka anläggningarnas lönsamhet. För att detta ska vara möjligt är en väl fungerande IT-plattform en förutsättning.
-
How Does SQL Server Parallel Data Warehouse (PDW) Deliver the Performance that it Does?
Last week, we introduced you to SQL Server PDW, the version of SQL Server built specifically for high performance data warehousing that delivers performance gains of up to 50x compared to traditional data warehouses. The next logical question we often get is “how is this possible?” Is it just SQL Server running on special hardware? And the answer is yes…but there is a lot more to it than that.
-
MBSA 2.3 and the November 2013 Security Bulletin Webcast, Q&A, and Slide Deck
Today we’re publishing the November 2013 Security Bulletin Webcast Questions & Answers page. The majority of questions focused on the ActiveX Kill Bits bulletin (MS13-090) and the advisories. We also answered a few general questions that were not specific to any of this month’s updates, but that may be of interest.
-
EMET 4.1 を公開 ~ 構成ファイルや管理機能の強化
こんにちは、村木ゆりかです。
-
Febipos for Internet Explorer
In a previous blog post we discussed Trojan:JS/Febipos.A, a malicious browser extension that targets the Facebook profiles of Google Chrome and Mozilla Firefox users. We recently came across a new Febipos sample that was specifically developed for Internet Explorer - we detect it as Trojan:Win32/Febipos.B!dll.
-
SQL Server 2014 In-Memory OLTP: Memory Management for Memory-Optimized Tables
Memory-optimized tables must fully reside in memory and can’t be paged out. Unlike disk-based tables where insufficient memory can slowdown an application, the impact to memory-optimized tables upon encountering out-of-memory can be severe, causing DML (i.e. delete, insert or update) operations to fail. While this adds a new dimension to managing memory, the application failure due to resource errors is not something new. For example, applications using disk-based tables can fail with resource errors such as running out of transaction log or TempDB or out of storage. It is the responsibility of DBAs/Administrators to make sure resources are provisioned and managed appropriately to avoid such failures. SQL Server provides a rich set of monitoring tools, including DMVs, PerfMon and XEvents to help administrators identify problems earlier so that a corrective action can be taken. Similarly, for memory-optimized tables, SQL Server provides a rich set of monitoring capabilities and configuration options so that you can manage your database/instance well and keep your application running smoothly. The remainder of this blog walks thru each of the challenges and details how it can be addressed.
-
MBSA 2.3 正式版を公開しました
Microsoft Baseline Security Analyzer (MBSA) の最新バージョン MBSA 2.3 を公開しました。日本語版も公開しており、こちらからダウンロード可能です。
-
Microsoft SQL Server Data Tools Update
With the release of SQL Server 2014 Community Technology Preview 2 (CTP2) and the commercial release of Visual Studio 2013, we are excited to announce new preview releases of SQL Server Data Tools to support both database and business intelligence projects.
-
2013 年 11 月のマイクロソフト ワンポイント セキュリティ ~ビデオで簡単に解説 ~
皆さん、こんにちは!
先ほど 11 月のマイクロソフト ワンポイント セキュリティ情報を公開しました。
本日 11 月 13 日に公開した新規 8 件 (緊急 3 件、重要 5 件) のセキュリティ更新プログラムの適用優先度、既知の問題、回避策や再起動の有無など、セキュリティ情報について知っておきたい情報を凝縮してお伝えしています。今月のセキュリティ更新プログラム適用前の概要把握のために是非ご視聴ください。
また内容に関するフィードバックも随時受け付けています。「今月のマイクロソフト ワンポイント セキュリティ情報」サイト右上のフィードバックボックスからご意見・ご感想をお寄せください。
ダウンロード用の Web キャストは以下のサイトから入手可能です。
http://technet.microsoft.com/ja-jp/security/dd251169.aspx -
2013 年 11 月のセキュリティ情報 (月例) – MS13-088 ~ MS13-095
-
Authenticity and the November 2013 Security Updates
If you haven't had a chance to see the movie Gravity, I highly recommend you take the time to check it out. The plot moves a bit slowly at times, but director Alfonso Cuaron's work portrayal of zero gravity is worth the ticket price alone. Add in stellar acting and you end up with an epic movie that really makes you miss the shuttle program. Still, the movie has its detractors. Specifically, astrophysicist and geek icon Neil deGrasse Tyson has been critical about the movie's authenticity. To deGrasse Tyson, a lack of authenticity disrupts the movie-going experience.
Similarly, a lack of authenticity can disrupt your computing experience, which leads me to a couple of interesting items in this month's release. Two advisories this month deal with authenticity by focusing on certificates and cryptography. The first is Security Advisory 286725, which disables the use of the RC4 stream cipher. As computing power increases, cryptographic attacks that were once only theoretical become practical - this is the case with RC4, which was originally designed in 1987. That's the same year The Simpsons first appeared as shorts on The Tracy Ullman Show. Computing has changed somewhat in that time.
We've already taken this step in Windows 8.1 and Internet Explorer 11, and now we're providing an update to disable its use in other operating systems as well. Rather than automatically disable the cipher, the update provides a registry key that allows developers to eliminate RC4 as an available cipher in their applications. The SRD blog provides a deep dive into RC4 and the implications of disabling it.
Security Advisory 2880823 also impacts cryptography and authenticity but addresses SHA1. We aren't going to surprise the world by saying we're turning off support for SHA1 today, but we are announcing a new policy for Certificate Authorities (CAs) that deprecates the use of the SHA1 algorithm in SSL and code signing certificates in favor of the SHA2 algorithm. After January 2016, only SHA2 certificates can be issued. The good folks over on the PKI blog go into more detail about the change.
We have an update regarding a cryptographic function as well, MS13-095 addresses an issue in Digital Signatures that could cause a web service to stop responding if it receives a specially crafted X.509 certificate. Since these certificates are used to ensure authenticity, having the web service go down during negotiation is suboptimal.
Of course, another way to help ensure authenticity throughout your computing experience is to use EMET. An updated version of the program is available today. Of the many improvements, there is an update to the default settings that includes two new application protection profiles for applications. There's also an update for the Certificate Trust profile that offers more applications protection. Full details about this release can be found on the SRD blog. It may not patch any holes, but it can make it harder to reach any issue that may exist on a system and, if your family is like mine, it will significantly reduce calls from relatives looking for tech support.
Of course it takes more than just authenticity to make a secure computing experience, which leads us to the other updates for November. Today, we released eight bulletins, three Critical and five Important, addressing 19 unique CVEs in Microsoft Windows, Internet Explorer, and Office. For those who need to prioritize their deployment planning we recommend focusing on MS13-090, MS13-088, and MS13-089.
Our Bulletin Deployment Priority graph provides an overview of this month's priority releases (click to enlarge).
MS13-090 | Cumulative Security Update of Active X Kill Bits
This update addresses a remote code execution issue in an ActiveX control by providing a kill bit for associated ActiveX controls. We are aware of limited attacks that exploit this issue. The code execution occurs at the level of the logged on user, so non-admin users would face less of an impact. The remote code execution vulnerability with higher severity rating be fixed in today's release and we advise customers to prioritize the deployment of MS13-090 for their monthly release. As usual, customer with Automatic Updates enabled will not need to take any action to receive the update. Additional information about this vulnerability is available on the Security Research & Defense blog.
MS13-088 | Cumulative Update for Internet Explorer
This security update resolves ten privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user.
MS13-089 | Vulnerability in Windows Graphics Device Interface Could Allow Remote Code Execution
This update addresses one privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views or opens a specially crafted Windows Write file in WordPad. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.
Last but not least, we are also providing an update for users of DirectAccess (DA) through Security Advisory 2862152. This security feature bypass issue would require a man-in-the-middle attacker to be successful, but if someone can snoop on your DA connection, it's possible they could impersonate a legitimate DA server in order to establish connections with legitimate DA clients. The attacker-controlled system could then intercept the target user's network traffic and potentially determine the encrypted domain credentials. This update, along with the new configuration guidelines available in KB2862152, helps ensure the authenticity of DA connections.
Watch the bulletin overview video below for a brief summary of today's releases.
Our risk and impact graph shows an aggregate view of this month's Security and Exploitability Index (click to enlarge).
For more information about this month's security updates, including the detailed view of the Exploit Index broken down by CVE, visit the Microsoft Bulletin Summary Webpage.
Jonathan Ness and I will host the monthly bulletin webcast, scheduled for Wednesday, November 13, 2013, at 11 a.m. PST. I invite you to register here and tune in to learn more about this month's security bulletins and advisories. We'll provide authentic answers to your update deployment questions, but no zero gravity effects will be employed.
For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.
I look forward to hearing your questions in the webcast tomorrow.
Thanks,
Dustin Childs
Group Manager, Response Communications
Microsoft Trustworthy Computing -
MSRT November 2013 - Napolar
We first noticed the new family we named Win32/Napolar being distributed in the wild in early August this year. It quickly became a big problem on our customers’ machines.
-
SQL Server 2014 In-Memory OLTP: Nonclustered Indexes for Memory-Optimized Tables
SQL Server 2014 CTP1 introduced hash indexes for memory-optimized tables. Hash indexes are very efficient for point lookups, when you know exactly the value you are looking for. However, they do not perform well if you need a range of value, for example a date range, or if you need to retrieve the rows in a particular order.
-
ActiveX Control issue being addressed in Update Tuesday
Late last Friday, November 8, 2013, a vulnerability, CVE-2013-3918, affecting an Internet Explorer ActiveX Control was publically disclosed. We have confirmed that this vulnerability is an issue already scheduled to be addressed in “Bulletin 3”, which will be released as MS13-090, as listed in the November Advanced Notification Service (ANS). The security update will be distributed to customers tomorrow via Windows Update at approximately 10:00 AM PDT. Customers who have Automatic Updates enabled will not need to take any action to receive the update.
-
New In-Memory OLTP Sample for SQL Server 2014 CTP2
To help you get started with the new In-Memory OLTP feature, we created a sample around sales order processing based on the AdventureWorks sample database.
-
2013 年 11 月 13 日のセキュリティ リリース予定 (月例)
2013 年 11 月の月例セキュリティ リリースの事前通知を公開しました。
2013 年 11 月 13 日に公開を予定している新規月例セキュリティ情報は、合計 8 件 (緊急 3 件、重要 5 件) です。なお、最新のセキュリティ情報の概要を動画と音声でお伝えするストリーミング ビデオ (Web キャスト) の「今月のマイクロソフト ワンポイント セキュリティ」も同日午後に公開する予定です。 -
Clarification on Security Advisory 2896666 and the ANS for the November 2013 Security Bulletin Release
Today, we’re providing advance notification for the release of eight bulletins, three Critical and five Important, for November 2013. The Critical updates address vulnerabilities in Internet Explorer and Microsoft Windows, and the Important updates address issues in Windows and Office.
-
IO Resource Governance in SQL Server 2014
Resource Governor was introduced in SQL Server 2008 to achieve predictable performance in a multi-tenant environment, to support mixed workload patterns, to provide mechanisms and tools to deal with runaway queries, and to enforce resource limits for CPU and memory. It enables customers to implement database consolidation or to configure their own database as a service. Since then, we’ve been incrementally enhancing this feature in major releases to address the top customer requests in this area. In SQL Server 2014, we are excited to add support for IO resource governance.
-
Get to Know the SQL Server that’s Purpose Built for High Performance Data Warehousing and Big Data Analytics – the SQL Server Parallel Data Warehouse Appliance
If your business relies on data, you know that it is a constant challenge to store, manage, and analyze it effectively as your data continues to grow. It’s also expensive to keep enough data on “hot” storage where it is readily available for analysis. Even when you have the data you need on hot storage, it can take hours or even days to run analysis and reports on today’s symmetric multi-processing (SMP) systems. To add more to the challenges, businesses today are struggling to figure out how to add the value of non-relational Hadoop data into their analysis.
-
セキュリティ アドバイザリ 2896666「Microsoft Graphics の脆弱性により、リモートでコードが実行される」を公開
2013 年 11 月 6 日、セキュリティ アドバイザリ 2896666「Microsoft Graphics の脆弱性により、リモートでコードが実行される」を公開しました。
-
Microsoft Releases Security Advisory 2896666
Today we released Security Advisory 2896666 regarding an issue that affects customers using Microsoft Windows Vista and Windows Server 2008, Microsoft Office 2003 through 2010, and all supported versions of Microsoft Lync. We are aware of targeted attacks, largely in the Middle East and South Asia. The current versions of Microsoft Windows and Office are not affected by this issue. The exploit requires user interaction as the attack is disguised as an email requesting potential targets to open a specially crafted Word attachment. If the attachment is opened or previewed, it attempts to exploit the vulnerability using a malformed graphics image embedded in the document. An attacker who successfully exploited the vulnerability could gain the same user rights as the logged on user.
While we are actively working to develop a security update to address this issue, we encourage our customers concerned with the risk associated with this vulnerability, to deploy the following Fix it from the advisory: -
In-Memory OLTP: High Availability for Databases with Memory-Optimized Tables
Starting with SQL Server 2012, the new offering of AlwaysOn Availability Groups and AlwaysOn Failover Cluster Instances (FCI) suite of features have enabled Tier-1 customers with mission critical applications to achieve their availability goals with SQL Server with an easy to deploy and manage solution. SQL Server 2014 builds on this success and offers enhanced AlwaysOn Availability Groups with up to 8 replicas, ability to access secondary replica for offloading reporting workload in disconnected scenario and hybrid scenario with Windows Azure.
-
Updates: RAMMap v1.32, Sigcheck v2.01
RAMMap v1.32: This fixes a bug in v1.30 that caused RAMMap to fail on Windows 8.
-
Upatre: Emerging Up(d)at(er) in the wild
The MMPC is constantly monitoring emerging threats that are impacting our customers the most.
-
Microsoft a Leader in Gartner’s Magic Quadrant for Operational Database Management Systems
This is one of the best times to be working in SQL Server. I just came from the O’Reilly Strata + Hadoop World conference this week, where there was a great dialog about advances in data management techniques. We’re already the world’s most deployed database, we just released the second technology preview for SQL Server 2014, and if you saw Microsoft’s recent financial results you know SQL Server continues to outpace the market: revenue grew double-digits, with SQL Server Premium revenue growing more than 30%. And the SQL Server momentum is not stopping.
-
Windows XP を 2014 年 4 月のサポート終了後も使い続けることのリスク
本記事は、Microsoft Security のブログ “The Risk of Running Windows XP After Support Ends April 2014” (2013 年 8 月 15 日公開) を翻訳した記事です。
-
Revolutionizing City Planning in the 21st Century with Windows Azure, HDInsight, and SQL Server
If you’ve ever played a video game where you manage a virtual city, you understand how real-time insight into services including emergency response teams and transportation is needed for effective city planning. Until recently, the technologies just weren’t available to support this kind of detailed “big picture” view enjoyed by gamers. However, now that Big Data business intelligence (BI) solutions are a reality, Barcelona, Spain is working to achieve transformative insight so that it can better meet the needs of its citizens.
-
新セキュリティ インテリジェンス レポート、新データ、新たな視点
本記事は、Microsoft Malware Protection Center のブログ “New Security Intelligence Report, new data, new perspectives” (2013 年 10 月 29 日公開) を翻訳した記事です。
-
New infection rate data for unprotected computers
In the previous Microsoft Security Intelligence Report, SIRv14, we introduced a new metric to measure the infection rate for computers protected with real-time antimalware software (protected computers) in comparison to computers that were not protected with up-to-date security software (unprotected computers). Using this new data, we wrote a feature story about the risks of running unprotected. Our customers told us that providing this data really helped measure the value of running real-time antimalware software. It clearly showed that security software can provide a significant contribution to a computer’s protection level.
-
Customers get Faster and Better Insight into More Data from More Sources with Windows Azure HDInsight Service
Collecting Big Data is significant only if you can make use of it. With Windows Azure HDInsight Service, organizations can use Apache Hadoop clusters in Windows Azure. Combining the Microsoft platform with open-source tools like Hadoop equates to unprecedented insight into more data, from more sources, in any format—structured and unstructured. Here are a few examples:
-
Infection rates and end of support for Windows XP
In the newly released Volume 15 of the Microsoft Security Intelligence Report (SIRv15), one of the key findings to surface relates to new insight on the Windows XP operating system as it inches toward end of support on April 8, 2014.
-
New Security Intelligence Report, new data, new perspectives
Today, Microsoft released volume 15 of the Microsoft Security Intelligence Report (SIRv15). The report analyzes malware, exploits and more based on data from more than a billion systems worldwide and some of the Internet’s busiest online services.
-
Update: RAMMap v1.31
RAMMap v1.31: This update fixes a bug in v1.30 that caused RAMMap to fail on Windows 8.
-
Windows Azure HDInsight Released for GA
Today, Microsoft announced the general availability of Windows Azure HDInsight, its cloud-based distribution of Hadoop. Further expanding on Microsoft’s big data strategy, Microsoft CVP Quentin Clark will deliver a keynote at O’Reilly Strata + Hadoop World tomorrow, where he will discuss Microsoft’s vision to democratize big data by providing easy to use tools and a unified data platform. Clark further detailed this approach in a post on the Official Microsoft Blog.
-
Our protection metrics - September results
Earlier this year, we started publishing a new set of metrics on our portal – An evaluation of our protection performance and capabilities. These metrics show month over month how we do in three areas: coverage, quality, and customer experience in protecting our customers.
-
Introduction: Chris Betz, new head of MSRC
By way of introduction, I am Chris Betz, the leader of the Microsoft Security Response Center (MSRC). I’m stepping in to fill the shoes of Mike Reavey, who has moved on to become the General Manager of Secure Operations, still within Trustworthy Computing.
-
A Look Back at PASS Summit 2013
PASS Summit 2013 has been over for a little more than a week and we are already looking forward to what's next in 2014. PASS Summit is the world’s largest and most-intensive conference for Microsoft SQL Server and BI professionals and it just keeps growing! We are pleased to have had over 5,000 registrations for this conference that featured over 190 technical sessions, 6 deep-dive Half-Day Sessions and 14 Pre-Conference Sessions. If you were not able to join us in Charlotte or missed the live stream, check out the PASSTV site to view the PASS Summit 2013 keynotes as well as gain insight to many of the sessions and learning provided at the conference.
-
Backup and Restore Enhancements in SQL Server 2014 CTP2
SQL Server 2014 CTP2 includes three SQL Server Backup and Restore enhancements. These enhancements enable using Windows Azure for backups, providing options to ease and automate backup management, and improved security for backups through encryption.
-
Windows 8.1 ~ Windows Update のより柔軟になった再起動オプション
前回のブログ「Windows 8.1 ~ Windows Update 管理画面の新機能」に引き続き、今回も Windows 8.1 に関する情報をお届けします。
-
Updates: PsExec v2.0, RAMMap v1.3, Sigcheck v2.0
PsExec v2.0: PsExec, a popular utility for executing processes on remote systems, introduces a new option, -r, that specifies the name PsExec assigns to its remote service. This can improve performance when multiple users are interacting concurrently with a system, since each will have a dedicated PsExec service.
-
Smart, Secure, Cost-Effective: SQL Server Back Up to Windows Azure
Microsoft recently announced several new ways to back up and recover SQL Server databases with Windows Azure. These features, now available in SQL Server 2014 CTP2 and as a standalone tool for prior versions, provide an easy path to cloud backup and disaster recovery for on-premises SQL Server databases. The capabilities for backing up to Windows Azure Storage help to reduce storage costs and unlock the data protection and disaster recovery benefits of cloud data storage.
-
Customers Gain Roadmap for the Future with Microsoft, SQL Server 2014 and In-Memory OLTP
There’s a lot of excitement around the In-Memory OLTP database engine in SQL Server 2014—and for good reason. Many companies are already realizing impressive performance gains by using it. Here are just a few examples:
-
Cloud Data Warehousing – The Fastest Time To Value
In the past, deploying a data warehouse has been a costly affair. IT departments required expertise to procure and build state-of-the-art hardware servers (that are optimally balanced from a CPU, storage and I/O perspective) as well as install software that is tuned for optimal performance. Prior to even loading data into the system, you could already be months into the project and hundreds of thousands of dollars into your infrastructure investment, not to mention the resources needed to maintain these servers and run them at peak performance levels.
-
SQL Server 2014 CTP 2 Now Available
Microsoft SQL Server 2014 CTP2 was announced by Quentin Clark during the Microsoft SQL PASS 2013 keynote. This second public CTP is essentially feature complete and enables you to try and test all of the capabilities of the full SQL Server 2014 release. Below you will find an overview of SQL Server 2014 as well as key new capabilities added in CTP2:
-
SQL Server 2014: Pushing the Boundaries of In-Memory Performance
This morning, during my keynote at the Professional Association of SQL Server (PASS) Summit 2013, I discussed how customers are pushing the boundaries of what’s possible for businesses today using the advanced technologies in our data platform. It was my pleasure to announce the second Community Technology Preview (CTP2) of SQL Server 2014 which features breakthrough performance with In-Memory OLTP and simplified backup and disaster recovery in Windows Azure.
-
The 411 on the Microsoft SQL Server 2014 In-Memory OLTP Blog Series
This summer we started blogging about all of the innovation in the products that make up the Microsoft Cloud OS vision. We’ve talked about Windows Server 2012 R2, Windows Azure and of course Microsoft SQL Server 2014.
-
10 years of Update Tuesdays
On October 1, 2003, Microsoft announced it would move to a monthly security bulletin cadence. Today, marks 10 years since that first monthly security update. We looked at many ways to improve our security preparedness and patch timing was the number one customer request. Your feedback was clear and we delivered a predictable schedule.
-
October 2013 Security Bulletin Webcast, Q&A, and Slide Deck
Today we’re publishing the October 2013 Security Bulletin Webcast Questions & Answers page. We fielded 11 questions during the webcast, with specific bulletin questions focusing primarily on the SharePoint (MS13-084) and Kernel-Mode Drivers (MS13-081) bulletins. There was one additional question that we were unable to answer on air, and we have included a response to that question on the Q&A page.
-
Redirect hides browser extension
While analyzing a malicious Chrome browser extension we recently came across a Virtool that tries to redirect the Chrome Extension page.
-
2013 年 10 月のセキュリティ更新プログラムに関してリスクを評価する
本記事は、Security Research & Defense のブログ “Assessing risk for the October 2013 security updates” (2013 年 10 月 10 日公開) を翻訳した記事です。
-
Our commitment to Microsoft antimalware
We are fully committed to protecting our consumer and business customers from malware. Our strong solutions provide the comprehensive defense needed against malicious code and attacks. Our support of antimalware partners helps in building a strong and diverse ecosystem to fight malware.
-
2013 年 10 月のセキュリティ情報 (月例) – MS13-080 ~ MS13-087
2013 年 10 月 9 日 (日本時間)、マイクロソフトは計 8 件 (緊急 4 件、重要 4 件) の新規セキュリティ情報を公開しました。また、既存のセキュリティ アドバイザリ 2 件 (2862973と2887505) を更新しています。なお、今月の「悪意のあるソフトウェアの削除ツール」では、新たに確認した 2 種類のマルウェアに対応しています。
-
MSRT October 2013 – Shiotob
This month the Malicious Software Removal Tool (MSRT) is giving some special attention to two malware families - Win32/Foidan and Win32/Shiotob.
-
The October 2013 security updates
This month we release eight bulletins – four Critical and four Important - which address 25* unique CVEs in Microsoft Windows, Internet Explorer, SharePoint, .NET Framework, Office, and Silverlight. For those who need to prioritize their deployment planning, we recommend focusing on MS13-080, MS13-081, and MS13-083.
-
An update on the bounty programs
Back in June of this year, we announced three new bounty programs that will pay researchers for techniques that bypass built-in OS mitigations and protections, for defenses that stop those bypasses and for vulnerabilities in Internet Explorer 11 Preview. This past Friday, we provided some additional details about the results of the IE11 Preview bounty program, which covered the first 30 days of the preview period. Today, we are announcing James Forshaw, a security researcher with Context Information Security, has been awarded the first Mitigation Bypass Bounty, which comes with a prize of $100,000.00. As a reminder, this is an ongoing program, so if you are interested in participating, check out all the details here.
-
Advance Notification Service for October 2013 Security Bulletin Release
Today we’re providing advance notification for the release of eight bulletins, four Critical and four Important, for October 2013. The Critical updates address vulnerabilities in Internet Explorer, .NET Framework and Windows. The Critical update for Internet Explorer will be a cumulative update which will address the publicly disclosed issue described in Security Advisory 2887505.
-
Mevade and Sefnit: Stealthy click fraud
Recently Trojan:Win32/Mevade made news for being the first large botnet to use Tor to anonymize and hide its network traffic. Within a few weeks, starting mid-August, the number of directly connecting Tor users increased by almost 600 percent - from about 500,000 users per day to more than 3,000,000.
-
End of support for Java SE 6
If you’re running Java SE 6, we have some news for you: Oracle stopped providing public updates to it after February 2013.
-
Microsoft Releases Security Advisory 2887505
Today we released Security Advisory 2887505 regarding an issue that affects Internet Explorer. There are only reports of a limited number of targeted attacks specifically directed at Internet Explorer 8 and 9, although the issue could potentially affect all supported versions. This issue could allow remote code execution if an affected system browses to a website containing malicious content directed towards the specific browser type. This would typically occur when an attacker compromises the security of trusted websites regularly frequented, or convinces someone to click on a link in an email or instant message. Running modern versions of Internet Explorer ensures that customers receive the benefit of additional security features that can help prevent successful attacks.
While we are actively working to develop a security update to address this issue, we encourage Internet Explorer customers concerned with the risk associated with this vulnerability, to deploy the following workarounds and mitigations from the advisory: -
September 2013 Security Bulletin Webcast, Q&A, and Slide Deck
Today we’re publishing the September 2013 Security Bulletin Webcast Questions & Answers page. The majority of questions focused on Office bulletins, especially SharePoint Server (MS13-067). We received multiple Office related questions that were very similar in nature, so the questions have been merged, as applicable, with consolidated answers provided. We were able to answer six questions on air, and those we did not have time for have been included on the Q&A page.
-
MSRT September 2013 - Win32/Simda
-
Lovely tokens and the September 2013 security updates
Helen Hunt Jackson famously wrote, “By all lovely tokens September is here, with summer’s best of weather and autumn’s best of cheer.” I share Helen’s clear adoration for this time of year. As a sports fan, there are so many “lovely tokens” to enjoy. The baseball pennant race is heating up, college and pro football are underway, and various soccer leagues (real football to the rest of the world) continue. As a parent, there are the “lovely tokens” of my kids returning to school, which brings a reminder of summer’s passing and excitement for another year of learning, growing, and adjusting to a new routine. For me, the routine is set: the second Tuesday of the month is here and with it comes a round of “lovely tokens” to help protect our customers.
-
Advance Notification Service for September 2013 Security Bulletin Release
In celebration of kids heading back to school, today we’re providing advance notification for the release of 14 bulletins, four Critical and 10 Important, for September 2013. The Critical updates address issues in Internet Explorer, Outlook, SharePoint and Windows.
-
Reversal of fortune: Sirefef’s registry illusion
I have mentioned in a previous blog that the use of the right-to-left-override (U+202E) unicode character is nothing new. This blog also went on to show the various file name tricks used by malware.
-
August 2013 Security Bulletin Webcast, Q&A, and Slide Deck
Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page. We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server (MS13-061) and Windows Kernel (MS13-063). There were 3 additional questions during the webcast that we were unable to answer on air, and we have also answered those on the Q&A page.
-
Leaving Las Vegas and the August 2013 security updates
Two weeks ago I, along with 7,500 of my closest friends, attended the Black Hat security conference in Las Vegas, NV. I can’t speak for everyone, but I certainly had a great – if not exhausting – time while there. While there were a lot of great talks, a personal highlight for me each year is the chance to meet and talk with the various people who attend. It was even more fun for me this time around, as we had some great new programs here at Microsoft to talk about.
-
The original AppCompat (solving a 20-year-old mystery for me)
DOS v5.0, released in 1991, introduced the concept of DOS loading "high". That is, into the high memory area - that special 64kb area at the top of the first megabyte of memory.
-
Advance Notification Service for August 2013 Security Bulletin Release
Today we’re providing advance notification for the release of eight bulletins, three Critical and five Important, for August 2013. The Critical updates address vulnerabilities in Microsoft Windows, Internet Explorer and Exchange.
-
Autoruns v11.70, Bginfo v4.20, Disk2vhd v1.64, Process Explorer v15.40
Autoruns v11.70: This release of Autoruns, a powerful utility for scanning and disabling autostart code, adds a new option to have it show only per-user locations, something that is useful when analyzing the autostarts of different accounts than the one that
Autoruns is running under. -
Are you prepared for the BlueHat Challenge?
Today we are kicking off a new challenge so you can showcase your security prowess and, if we can, help you build some more. Our BlueHat Challenge is a series of computer security questions, which increase in difficulty as you progress. Only the rare and talented engineer will be able to finish the Challenge on the first attempt. It’s not a contest, so there’s no cash involved here, but there will be some great answers we’ll recognize publicly and you could win yourself a big chunk of bragging rights. You can find complete details about this new program over on the Security Research & Defense blog.
-
The evolution of Rovnix: Private TCP/IP stacks
We recently discovered a new breed of the bootkit Rovnix that introduces a private TCP/IP stack. It seems this is becoming a new trend for this type of malware.
-
A fresh face for the Microsoft Malware Protection Center
Today we launched our new Microsoft Malware Protection Center website.
-
Update: Autoruns v11.62
Autoruns v11.62: This release fixes a bug in version 11.61’s jump-to-image functionality.
-
Viewing Vobfus infections from above
Win32/Vobfus is a family of worms that spreads via removable drives and downloads other malware, and a family that is causing people a lot of pain lately. Vobfus was initially discovered in September 2009 and became prevalent with its use of the MS10-046 .LNK vulnerability. The .LNK vulnerability has also been used by Chymine, Sality, and Zbot, though it is no longer used by Vobfus.
-
Updates: Mark's TechEd Sessions, Autoruns v11.61, Strings v2.52, ZoomIt v4.5
Mark’s TechEd Sessions Available On-Demand: Mark delivered four top-rated sessions at Microsoft’s TechEd US conference two weeks ago, and the recordings are available now for on-demand viewing. In Windows Azure Infrastructure Services, he gives an overview of the deployment and operation of Virtual Machines and Virtual Networks; in Windows Azure Internals Mark goes under the hood of Windows Azure to show its physical and logical datacenter architecture and operation; in Case of the Unexplained you’ll see how to use the Sysinternals tools to solve impossible problems; and in Malware Hunting with the Sysinternals Tools you’ll learn how to use Sysinternals tools to identify and clean malware infestations.
-
Updates: Autoruns v11.6, Procexp v15.31, Procmon v3.05, Sigcheck v1.92
Autoruns v11.6: Autoruns is a utility for enumerating and disabling executables and DLLs configured to activate in dozens of autostart registration points. This update fixes some minor bugs and adds Authenticode SHA1 and SHA256 hash reporting to Autorunsc output.
-
Updates: Accesschk v5.11, Procdump v6.0, RAMMap v1.22, Strings v2.51
AccessChk v5.11: AccessChk, a command line utility for
dumping the effective permissions and security descriptors for files, registry
keys, processes, tokens, object manager objects, now prefixes Windows 8
application container SIDs with the word “Package”, and includes several minor
bug fixes. -
You’re invited to help us celebrate an unlikely pairing in open source
We are just days away from reaching a significant milestone for our team and the open source and open standards communities: the first anniversary of Microsoft Open Technologies, Inc. (MS Open Tech) -- a wholly owned subsidiary of Microsoft.
-
Updates: Autoruns v11.5, Du (Disk Usage) v1.5, Procdump v5.14, Procmon v3.04, Ru (Registry Usage) v1.0
Autoruns v11.5: This update to Autoruns, a utility for managing autostarting applications and components, now reports the image timestamp of executables and the last-modified timestamp of other file types and autostart locations to help with forensic analysis. The jump-to-entry feature is also improved to navigate directly to files rather than their parent directory.
-
It keeps on getting better – Hortonworks highlights native Windows support for Apache Hadoop
Any time you can open up a platform to more options for interoperability, it’s a great thing. It’s even better if the platform is as popular as Apache Hadoop and the new option is one that has been accepted as a popular choice. And earlier today, HortonWorks announced another interoperability achievement for the Apache Hadoop project on their blog by highlighting how Hadoop now runs natively on Microsoft Windows platforms:
-
A collaborative snapshot of community-driven Web developer tools
Today Scott Guthrie blogged about new releases of Microsoft’s Web developer tools that reflect a snapshot of improvements and contributions from the open source community and Microsoft Open Technologies Hub (The Hub). The latest updates from ASP.NET SignalR and Web API are good to go thanks to our cool collaboration.
-
VM Depot repository off to a flying start
It's been just one month since Microsoft Open Technologies announced the early preview of VM Depot, a community-driven catalog of open source virtual machine images. Today we are proud to announce that the community has rallied to our call and already produced over 100 images. We are thrilled at the reception this preview has received and there are more images appearing every day. VM Depot, even in preview, is already a valuable resource for open source projects and their communities. On VM Depot the community can build, deploy and share their favorite Linux configuration, create custom open source stacks, work with others and build new architectures for the cloud that leverage the openness and flexibility of the Windows Azure platform.
-
Updates: Pendmoves v1.2, Process Explorer v15.3, Sigcheck v1.91, Zoomit v4.42
Pendmoves v1.2: This update to Pendmoves adds support for 64-bit directories.
-
Update: Autoruns v11.42
Autoruns v11.42: This release fixes a bug in the parsing of network file paths introduced in v11.41.
-
Git now fully supported and integrated into Team Foundation Service
Here is great news for open source developers: Brian Harry announced today at the Microsoft’s ALM Summit that Git is now fully integrated into Visual Studio as well as the Team Foundation Service, Microsoft’s cloud-powered Application Lifecycle Management tool.
-
It's an exciting day for me
I've been involved with open source software for just shy of 15 years now. During that time I've seen open source software become a fundamental part of technology innovation. It is that technology innovation that has fed me and my family for many years. I like to think I've given back and played a small part in the growth of open source software through my code contributions and my open source strategic consultancy services. But, today I am presented with an opportunity to give back even more. From today onwards I will be joining Microsoft UK, where I’ll be serving a global role supporting the amazing team at Microsoft Open Technologies, Inc.
-
Updates: Autoruns v11.41, Handle v3.51, Movefile v1.01, Procdump v5.13, Sigcheck v1.9
Autoruns v11.41: This Autoruns update reports the hosting image target of link shortcut references.
-
Updates: Autoruns v11.4, ProcDump v5.12, SDelete v1.61
Autoruns v11.4: Autoruns v11.4 adds additional startup locations, fixes several bugs related to image path parsing, adds better support for browsing folders on WinPE, and fixes a Wow64 redirection bug.
-
For your OSS image building and sharing pleasure … meet VM Depot from MS Open Tech
By Gianugo Rabellino
Senior Director Open Source Communities
Microsoft Open Technologies, Inc.