Internet Health

Home » Knowledge Center » Internet Health

CTX633151 NewXenServer and Citrix Hypervisor Security Update for CVE-2023-46842, CVE-2024-2201 and CVE-2024-31142Applicable Products :  Citrix HypervisorXenServer

CTX616982 NewCitrix Hypervisor Security Update for CVE-2023-39368 and CVE-2023-38575Applicable Products :  Citrix HypervisorXenServer

CTX617071 NewCitrix SDWAN Security Bulletin for CVE-2024-2049Applicable Products :  Citrix SD-WAN

CTX587605 NewCitrix Hypervisor Security Bulletin for CVE-2023-46838Applicable Products :  Citrix HypervisorXenServer

CTX584986 NewNetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-6548 and CVE-2023-6549Applicable Products :  NetScalerNetScaler Gateway

CTX583759 NewCitrix StoreFront Security Bulletin for CVE-2023-5914Applicable Products :  StoreFront

CTX583930 NewCitrix Session Recording Security Bulletin for CVE-2023-6184Applicable Products :  Citrix Virtual Apps and Desktops

CTX579459 NewNetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967Applicable Products :  NetScalerNetScaler Gateway

CTX583037 NewCitrix Hypervisor Security Bulletin for CVE-2023-23583 and CVE-2023-46835Applicable Products :  Citrix HypervisorXenServer

CTX581768 NewImpact of Chromium vulnerabilities CVE-2023-4863 and CVE-2023-5217 on Cloud Software Group products

The NVD (National Vulnerability Database) announcement page (https://nvd.nist.gov/general/news/nvd-program-transition-announcement) indicates a growing backlog of vulnerabilities that are causing delays in their process.

Billions of PDF files are exchanged daily and many people trust them because they think the file is "read-only" and contains just "a bunch of data". In the past, badly crafted PDF files could trigger nasty vulnerabilities in PDF viewers. All of them were affected at least once, especially Acrobat or FoxIt readers. A PDF […]

The Palo Alto Networks vulnerability has been analyzed in depth by various sources and exploits [1].

Package updates/upgrades by maintainers on the Linux platforms are always appreciated, as these updates are intended to offer new features/bug fixes. However, in rare circumstances, there is a need to downgrade the packages to a prior version due to unintended bugs or potential security issues, such as the recent xz-utils backdoor. Consistently backing up your […]

This is a quick update to our initial diary from this weekend [CVE-2024-3400].

On Friday, Palo Alto Networks released an advisory warning users of Palo Alto's Global Protect product of a vulnerability that has been exploited since March [1].

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2024 Q1 Security Researcher Leaderboard are Yuki Chen, VictorV, and Nitesh Surana! Check out the full list of researchers recognized this […]

At the Microsoft Security Response Center (MSRC), our mission is to protect our customers, communities, and Microsoft from current and emerging threats to security and privacy. One way we achieve this is by determining the root cause of security vulnerabilities in Microsoft products and services. We use this information to identify vulnerability trends and provide […]

Meet Derrick, a Senior Program Manager on the Operational Threat Intelligence team at Microsoft. Derrick’s role involves understanding and roadmapping the complete set of tools that Threat Intel analysts use to collect, analyze, process, and disseminate threat intelligence across Microsoft. Derrick’s love of learning and his natural curiosity led him to a career in technology […]

This blog provides an update on the nation-state attack that was detected by the Microsoft Security Team on January 12, 2024. As we shared, on January 19, the security team detected this attack on our corporate email systems and immediately activated our response process. The Microsoft Threat Intelligence investigation identified the threat actor as Midnight […]

Faye, a veteran at Microsoft for 22 years, has had a career as varied as it is long. Her journey began in 2002 as the first desktop security Project Manager (PM) in Microsoft IT. From there, she transitioned into owning a deployment team that deployed to desktops and handled operations for Office’s first few customers.

Starting today, we are doubling the maximum bounty award for the Microsoft 365 Insider Bug Bounty Program to $30,000 USD for high impact scenarios, such as unauthenticated non-sandboxed code execution with no user interaction. We are also expanding the scope of our bounty program to include more vulnerability types and products.

As a young boy, Devin found himself captivated by the adventures of Indiana Jones, the whip-wielding archaeologist from the VHS movies his grandfather showed him. The thrill of unearthing history and the allure of the unknown ignited a spark in Devin, leading him to dream of becoming an archaeologist. However, as he grew older and […]

Bruce’s story unfolds in Cincinnati, Ohio. As a young boy, he had an ambitious dream of one day becoming the President of the United States. This aspiration remained his guiding star until he began his professional career after college. His mother, amused by his

Today, we are adding a new Security Advisory tab to the Security Update Guide to meet our customers’ needs for a unified and authoritative source for the latest public information about Microsoft security updates and issues. We are continuously listening to feedback from users of the Security Update Guide. Our goal is to find new […]

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2023 Q4 Security Researcher Leaderboard are Yuki Chen, Wei, VictorV! Check out the full list of researchers recognized this quarter here.