Security Research & Defense
Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance
Postings are provided "AS IS" with no warranties, and confers no rights.
Get alerts when we update our blog!
Attack Surface Reduction
Internet Explorer (IE)
safe for initialization
safe for scripting
Windows Media components
Browse by Tags
Security Research & Defense
Introducing ModSecurity IIS 2.7.2 Stable Release
We are pleased to announce the release of a stable version of the open source web application firewall module ModSecurity IIS 2.7.2 . Since the announcement of availability of the beta version in July 2012 , we have been working very hard to bring the quality of the module to meet the enterprise class...
11 Feb 2013
The Enhanced Mitigation Experience Toolkit 2.0 is Now Available
Today we are pleased to announce the availability of the Enhanced Mitigation Experience Toolkit (EMET) version 2.0. Users can click here to download the tool free of charge. For those who may be unfamiliar with the tool, EMET provides users with the ability to deploy security mitigation technologies...
2 Sep 2010
Introducing EMET v4 Beta
Great news! Today we are proud to announce a beta release of the next version of the Enhanced Mitigation Experience Toolkit (EMET) – EMET 4.0. Download it here: http://www.microsoft.com/en-us/download/details.aspx?id=38761 EMET is a free utility that helps prevent memory corruption vulnerabilities...
18 Apr 2013
Introducing EMET v3
We are pleased to announce the release of a new version of our Enhanced Mitigation Experience Toolkit (EMET) - EMET 3.0 . EMET it is a free utility that helps prevent vulnerabilities in software from being successfully exploited for code execution. It does so by opt-ing in software to the latest security...
15 May 2012
OffVis updated, Office file format training video created
In July, we released a beta Office file format viewer application called OffVis as a downloadable tool. We are pleased today to announce an updated version of OffVis and a 30 minute training video to help you understand the legacy Office binary file format. OffVis 1.1 The community response to...
14 Sep 2009
New version of EMET is now available
Today we are pleased to announce a new version of the Enhanced Mitigation Experience Toolkit (EMET) with brand new features and mitigations. Users can click here to download the tool free of charge. The Enhanced Mitigation Experience Toolkit enables and implements different techniques to make successful...
18 May 2011
Announcing OffVis 1.0 Beta
We’ve gotten questions from security researchers and malware protection vendors about the binary file format used by Microsoft Word, PowerPoint, and Excel. The format specification is open and we have spoken at several conferences ( 1 , 2 , 3 ) about detecting malicious docs but we wanted to do more...
1 Aug 2009
© 2015 Microsoft Corporation.
Privacy & Cookies