Follow us:

Microsoft Pri0

Welcome to Microsoft Pri0: That's Microspeak for top priority, and that's the news and observations you'll find here from Seattle Times technology reporter Matt Day.

Topic: security

You are viewing the most recent posts on this topic.

January 12, 2015 at 8:58 AM

Microsoft criticizes Google for releasing Windows bug

The rivalry between Microsoft and Google has spread to the realm of software bugs.

For the second time in a few weeks, Google security researchers posted details about a Windows security flaw before Microsoft fixed the bug. Microsoft didn’t publicly reply to Google after the first case.

But after Google detailed another security vulnerability Sunday, two days before Microsoft’s release of its regular slate of software fixes, a Microsoft official accused the Mountain View, Calif., company of trying to embarrass Microsoft rather than protect customers.

Google’s “Project Zero,” its security unit dedicated to finding and exposing bugs, on Sunday revealed a Windows 8.1 security flaw that can allow low-level users of a network to gain administrator privileges and access sensitive functions.

Google says it follows a consistent formula with its security efforts. Once researchers discover a flaw, they alert the company whose software is involved, and give them 90 days to fix the error before Google makes the bug public (along with code that could allow people to exploit it).


Comments | More in Security & privacy | Topics: google, microsoft, security

November 13, 2014 at 11:40 AM

Microsoft buys cybersecurity startup Aorato

Microsoft has purchased Israeli cybersecurity firm Aorato.

Aorato’s technology monitors activity on a company’s network, searching for anomalies and suspicious behavior, Takeshi Numoto, a Microsoft vice president of cloud and enterprise marketing, said in a blog post about the deal.

“It understands what normal behavior is and then identifies anomalies, so a company can quickly see suspicious behavior and take appropriate measures to help protect itself,” Numoto said. “Most of our enterprise customers should be able to easily take advantage of Aorato’s technology.”


Comments | More in Deals | Topics: cloud, deals, microsoft

May 7, 2014 at 8:54 AM

Microsoft says exploitations of its products’ severe vulnerabilities down 70 percent

Despite news of recent cyber attacks that exploited a vulnerability on Internet Explorer — a vulnerability that Microsoft has since patched — that could leave an impression of increased vulnerability, the company says exploitations of severe vulnerabilities in the company’s products were down 70 percent between 2010 and 2013.


Comments | More in Microsoft | Topics: security, security intelligence report

October 8, 2013 at 11:41 AM

Microsoft pays researcher $100,000 bounty for finding way around Windows 8.1 protections

In June, Microsoft announced it would be awarding money to people who come up with truly novel ways of getting around the protections in Windows 8.1 Preview, and to those who can find critical vulnerabilities in Internet Explorer 11 Preview.

Today, the company announced it’s awarding $100,000 to James Forshaw, a security vulnerability researcher with Context Information Security. Forshaw was awarded the Mitigation Bypass Bounty for coming up with a new exploitation technique around the protections in Windows 8.1 Preview.


Comments | More in Microsoft | Topics: internet explorer 11, mitigation bypass, security

June 19, 2013 at 1:46 PM

Say what? Microsoft offering up to $100,000 for novel exploits of Windows 8.1 protections

It’s not often that a software company will reward people for coming up with ways to exploit protections built into its operating systems. But that’s what Microsoft is doing with some new programs, launching June 26, that offer cash awards for those who can find ways to get around the protections in Windows 8.1 Preview, and…


Comments | More in Microsoft | Topics: internet explorer 11, mitigation bypass, security