Microsoft Bounty Programs Expansion – .NET Core and ASP.NET Beta Bounty

Today, I have another exciting expansion of the Microsoft Bounty Programs to announce. Please visit https://aka.ms/bugbounty to find out more. I’ll be discussing this new bounty in my talk at SyScan360 on October 21, 2015. We are delighted to offer a bounty for the .NET Core and ASP.NET Beta which Microsoft released earlier this month. .NET and… Read more

September 2014 Security Bulletin Release Webcast and Q&A

Today we’re publishing the September 2014 Security Bulletin Webcast Questions & Answers page.  We fielded four questions on various topics during the webcast, with specific bulletin questions focusing primarily on Internet Explorer (MS14-052) and a question about the Windows Update client.   We invite you to join us for the next scheduled webcast on Wednesday, October… Read more

December 2011 Out-Of-Band Security Bulletin Webcast Q&A

Hosts:              Jonathan Ness, Security Development Manager, MSRC                           Pete Voss, Sr. Response Communications Manager, Trustworthy Computing Website:         TechNet/Security Chat Topic:     December 2011 Out-Of-Band Security Bulletin Release Date:               Thursday, December 29, 2011 Q: How are Denial of Service, Tampering, Information Disclosure orSpoofing issues rated?A: The Exploitability Index only attempts to rate vulnerabilities that can be… Read more