Microsoft Bounty Programs Expansion – .NET Core and ASP.NET Beta Bounty

Today, I have another exciting expansion of the Microsoft Bounty Programs to announce. Please visit to find out more. I’ll be discussing this new bounty in my talk at SyScan360 on October 21, 2015. We are delighted to offer a bounty for the .NET Core and ASP.NET Beta which Microsoft released earlier this month. .NET and… Read more

September 2014 Security Bulletin Release Webcast and Q&A

Today we’re publishing the September 2014 Security Bulletin Webcast Questions & Answers page.  We fielded four questions on various topics during the webcast, with specific bulletin questions focusing primarily on Internet Explorer (MS14-052) and a question about the Windows Update client.   We invite you to join us for the next scheduled webcast on Wednesday, October… Read more

December 2011 Out-Of-Band Security Bulletin Webcast Q&A

Hosts:              Jonathan Ness, Security Development Manager, MSRC                           Pete Voss, Sr. Response Communications Manager, Trustworthy Computing Website:         TechNet/Security Chat Topic:     December 2011 Out-Of-Band Security Bulletin Release Date:               Thursday, December 29, 2011 Q: How are Denial of Service, Tampering, Information Disclosure orSpoofing issues rated?A: The Exploitability Index only attempts to rate vulnerabilities that can be… Read more