Microsoft has released updates to protect against CVE-2021-34527. Please see: msrc.microsoft.com/update-guide/v…
Microsoft Security Response Center
@msftsecresponse
We are the Microsoft Security Response Center. To report security vulnerabilities or abuse in Microsoft products, visit microsoft.com/en-us/msrc.
- What if you could eliminate a common class of vulnerabilities by changing the language you used? MSRC is publishing a series on why Microsoft is looking at @rustlang for memory-safe development and why we think you should too. See the first post here: msrc-blog.microsoft.com/2019/07/16/a-p…
- MSRC has just published a blog post for Microsoft's response to CVE-2021-44228 Apache Log4j 2 msrc-blog.microsoft.com/2021/12/11/mic…
- We've published a new Print Spooler Security Advisory: msrc.microsoft.com/update-guide/v…
- Microsoft is aware of a RCE vulnerability in the way that the SMBv3 protocol handles certain requests. If you wish to be notified when updates for this vulnerability are available, please follow the guidance in the advisory linked here: portal.msrc.microsoft.com/en-US/security…
- July 2020 Security Update includes a fix for a wormable RCE vulnerability in Windows DNS Server affecting all versions of Windows server running the DNS Server role. This should be patched quickly. For more information, see: msrc-blog.microsoft.com/2020/07/14/jul…
- To mitigate against various NTLM relay attacks, disable NTLM where not needed (eg DCs) or implement the mitigation feature, Extended Protection for Authentication. Guidance at msrc.microsoft.com/update-guide/v…
- MSRC has release CVE-2021-34481 today. msrc.microsoft.com/update-guide/v…
- The MSRC has updated CVE-2021-34527 with more information. msrc.microsoft.com/update-guide/v…
- MSRC has confirmed an active Linux worm leveraging critical Remote Code Execution (RCE) vulnerability CVE-2019-10149 in Linux Exim email servers. We advise Azure customers to patch or restrict network access to VMs running affected versions. More info: blogs.technet.microsoft.com/msrc/2019/06/1…
