Security updates for November 2025 are now available! Details are here: https://t.co/WW89TcgFXA #PatchTuesday #SecurityUpdateGuide

In our latest blog, Cameron Vincent (@SecretlyHidden1), Senior Security Researcher at MSRC, features the work of MSRC intern and security researcher, Brian McNulty (@brianjmcnulty), who uncovered 22+ critical vulnerabilities in just two months. Learn how the MSRC team leverages

Thank you to everyone who joined us this week for BlueHat Asia. BlueHat is more than just a conference, it’s a community. One where the security community from inside and outside Microsoft come together as peers to share, challenge, and learn from one another. From deep

At BlueHat Asia, Cameron Vincent (@SecretlyHidden1), Senior Security Researcher, Microsoft, and Brian McNulty (@brianjmcnulty), MSRC Summer Intern and University of Michigan graduate student, shared their journey hunting security variants across the Microsoft ecosystem.

RT @MSFTBlueHat: At #BlueHatAsia2025, Abhilasha Bhargav-Spantzel, Partner Security Architect, Microsoft AI, delivered a powerful keynote on…

At #BlueHatAsia, Craig Nelson, VP, Microsoft Red Team at Microsoft, shared how AI is transforming the future of Red Teaming and defense. Microsoft has long led the way in proactive security, with Red Teaming built on “Assume Breach” and “Embrace the Red,” simulating real-world

During his BlueHat Asia opening remarks, Tom Gallager (@secbughunter), VP of Engineering, MSRC discussed how Asia is home to some of the world’s top security researchers, and we’re proud to recognize those who contribute to Microsoft products and services. We have over 40 MVRs

We hosted a pre-BlueHat Asia welcome reception this evening, giving our speakers, MSRC MVRs, and Microsoft team members a great opportunity to connect. A huge thank you to our presenters and MVRs for their role in making #BlueHatAsia a success! We can’t wait to kick off BlueHat

At the Microsoft Security Response Center (MSRC), your feedback drives our innovation. Every enhancement starts with listening to the security community and our customers. Based on your input, we’ve introduced three new features designed to make your experience more efficient,

Ever wondered how Windows decides if a file path is local, intranet, or Internet, and why it matters for security? Our latest blog from MSRC Senior Security Research Managers George Hughey (@ecthr0s) and Rohit Mothe (@rohitwas) dives deep into MapUrlToZone (MUTZ), the critical

MSRC websites and services are experiencing downstream impact related to the ongoing Azure outage. Additional updates can be found on the @AzureSupport status page:

Microsoft has addressed CVE-2025-55315, a vulnerability related to HTTP request handling. This update strengthens security and helps reduce risks such as privilege escalation or SSRF. To stay protected, apply the latest patch, review your request handling logic, and confirm proxy

Microsoft is expanding transparency in vulnerability management. We are now publishing VEX (Vulnerability Exploitability eXchange) attestations for third-party CVEs associated with the Azure Linux Distribution (formerly CBL-Mariner). VEX provides clear, machine-readable and

Congratulations to all the researchers recognized in this quarter’s MSRC 2025 Q3 Security Researcher Leaderboard! Thanks to all the researchers who partnered with us for your hard work and continued dedication to securing our customers. Learn more in our blog post:

Security updates for October 2025 are now available! Details are here: https://t.co/WW89TcgFXA #PatchTuesday #SecurityUpdateGuide

Join the Microsoft Security Response Center (MSRC) for our Researcher Celebration at Black Hat Europe on Wednesday, December 10, from 4:30–9:00 PM. This event honors the contributions of the global security research community. Connect with peers, celebrate achievements, and

MSRC’s Joe Miller sits down with Estevam Arantes, a Microsoft researcher behind high-impact Office vulnerabilities and AI security work. Some topics discussed include: ➤ How to pick research targets that pay off ➤ Why sparse AI docs can be an opportunity ➤ A goal-first

Excited to be a part of #ZeroDayCloud on the floor at Black Hat Europe this year. Let's work together to help secure open-source.

We’re thrilled to welcome Craig Nelson, Vice President, Office of the CISO, Microsoft, as our Day 1 keynote speaker at BlueHat Asia. With nearly two decades at Microsoft, Craig has shaped security strategies across Office, Windows, Azure, Xbox, and the Microsoft Security