Skip to content
The Nexus
DossierENTITY

Microsoft Security Response Center

Coverage of Microsoft Security Response Center in the Nexus archive.

Earliest in view: May 12 · 23:51 UTCMost recent: Jun 3 · 14:30 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 3 · 14:30 UTCTHE REGISTER
    Another bug hunter leaks Microsoft exploits in defiance of company’s handling of vulnerability disclosures

    Ammar Askar, a bug hunter, leaked a vulnerability in Microsoft's Visual Studio Code after becoming disillusioned with the company's handling of security reports. The exploit allows attackers to steal OAuth tokens via malicious extensions, compromising GitHub repos, and was disclosed publicly due to past negative experiences with Microsoft Security Response Center (MSRC).

  • SECURITYMay 30 · 15:19 UTCTHE VERGE
    Microsoft is threatening legal action for disclosing exploits

    Microsoft is facing criticism for threatening legal action against an individual who disclosed zero-day exploits. Nightmare Eclipse, a user, posted proof-of-concept exploit code, prompting Microsoft to disable their GitHub, GitLab, and Microsoft Security Response Center accounts. Cybersecurity researcher Kevin Beaumont highlighted Microsoft's response as a point of concern.

  • SECURITYMay 12 · 23:51 UTCTHE REGISTER
    Doozy of a Patch Tuesday includes 30 critical Microsoft CVEs

    Microsoft released fixes for 137 CVEs, including 30 critical flaws, with 14 earning a 9.0 or higher CVSS severity rating. The company's AI bug hunting system, MDASH, found 16 of the vulnerabilities addressed in this month's release. Microsoft admins are expected to face a lot more work in applying and testing the patches.

Microsoft Security Response Center · Dossier · The Nexus