Microsoft Security Response Center
Presented by Fan Chiang, Chun-Wei (范姜竣韋)
2015/11/14, NTUIM

2 Agenda
Background
Case
Current Problem
MSRC
Security Vulnerability Problem Solving Process
▫ Workarounds
▫ Service Packs
▫ Patches
▫- 4 phases of patch development
Follow-up
Question

3 Background
According to a 2000 IDC study, data security budgets were projected to reach 14.8 billion in 2003, up from 6.2 billion in 1999.
Of all the technologies, the Internet has proven to be the greatest threat to data security, for three reasons:
▫ Scope
▫ Anonymity
▫ Reproducibility

6 Case
Scott Culp, security program manager of MSRC, vs. CyBER Paladin (CyP)
Security vulnerability in MS IIS (versions 4.0 and 5.0): "Canonicalization Error"
CyP planned to post his findings publicly "within a few days."

7 Current Problem
Contact the IIS development team and brief them on the situation.
Validate (legitimize) the reported security vulnerability.

8 MSRC
MSRC has eliminated over 150 security vulnerabilities across roughly 40 MS products.
The goal of MSRC: protect users by eliminating security vulnerabilities.
MSRC's main activity: once a vulnerability was identified, MSRC worked with the relevant product development team to find a solution.

9 MSRC (cont'd)
Forms and types of vulnerabilities:
▫ Viruses, worms, incorrectly configured systems, passwords written on sticky notes.
MS's definition of a security vulnerability:
▫ A flaw in a product that makes it infeasible - even when using the product properly - to prevent attackers from usurping privileges on the user's system, regulating its operation, compromising data on it, or assuming ungranted trust.

10 Security Vulnerability Problem Solving Process
Step 1: Obtain information about possible security problems.
Step 2: Perform initial triage.
▫- Work with the customer to gather more information on the problem
▫- Test the reported configuration
▫- Inform the user about patches or workarounds already released
Step 3: Involve the product team.

11 Security Vulnerability Problem Solving Process (cont'd)
Step 4: Devise solution alternatives.
▫- Server-side fixes
▫- Workarounds
▫- Service Packs
▫- Patches
Step 5: Implement solutions.
Step 6: Press response

12 Security Vulnerability Problem Solving Process - Step 4
Workarounds: provide the user with an alternative method of using the product that prevents a vulnerability from being exploited.
Service Packs: a scheduled, periodic software update that corrects a large number of bugs, including security vulnerabilities.
Patches: used when the vulnerability needs to be fixed immediately.

13 4 phases of patch development
Phase 1: Create a "private build" and undergo initial testing.
Phase 2: Proceed to the "War Team". They challenge the developer to show that the private build is necessary and that the engineering solution is correct.

14 4 phases of patch development (cont'd)
Phase 3: Formal testing, including full compatibility testing.
Phase 4: Develop an installer package for each version of the affected product. The packages are then signed (by MS) and retested.

15 Security Vulnerability Problem Solving Process (cont'd)
Step 4: Devise solution alternatives.
▫- Workarounds
▫- Service Packs
▫- Patches
Step 5: Implement solutions.
▫ Build the bulletin and knowledge base entry, then release the patches or workarounds.
Step 6: Press response

16 Follow-Up (B)
Good news: the IIS development team knew that this security problem had already been fixed by a patch released months earlier.
Bad news: because the issue was complex, affected few users, and had some mitigating factors, few customers had installed the corresponding patch.

17 Canonicalization Error
Security vulnerability in MS IIS (versions 4.0 and 5.0): "Canonicalization Error"
▫ c:\dir\test.dat, test.dat, and ..\..\test.dat might all refer to the same file, e.g. c:\dir\test.dat.
▫ c:\inetpub\wwwroot\test1\test2\test.asp
▫ www.microsoft.com/windowsnt/information/test.asp (VIRTUAL)
▫ www.microsoft.com/test1/test2/test.asp (PHYSICAL)
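The point of slide 17 is that one file has many spellings, so any access check must run on the canonical spelling of the physical path, not on the string the client sent. The Python below is an added example, not code from the presentation or from IIS: it takes the slide's c:\inetpub\wwwroot as the assumed physical web root, reduces a request path to its canonical form (percent-decoded once, slashes folded, '..' resolved, case lowered), and rejects any request whose canonical path leaves the root; the function names are assumptions of this example.

```python
import ntpath
from urllib.parse import unquote

# Assumed physical web root, spelled as on the slide.
WEB_ROOT = r"c:\inetpub\wwwroot"


def canonicalize(path: str) -> str:
    r"""Reduce a Windows-style path to one canonical spelling.

    Percent-encoding is decoded once, forward slashes are folded to
    backslashes, '.' and '..' segments are resolved, and case is lowered
    (NTFS names are case-insensitive). ntpath behaves the same on any
    host OS, so this runs on Linux as well as Windows.
    """
    decoded = unquote(path)
    return ntpath.normcase(ntpath.normpath(decoded))


def map_virtual_to_physical(web_root: str, request_path: str):
    r"""Map a request path such as '/test1/test2/test.asp' onto web_root.

    Returns (allowed, physical_path). Containment is decided on the
    canonical form only, so test.dat, ..\..\test.dat and %2e%2e/test.dat
    are all judged by the file they actually name.
    """
    root = canonicalize(web_root)
    relative = request_path.lstrip("/\\")
    # ntpath.join drops `root` if `relative` carries its own drive letter;
    # the prefix check below still rejects that result.
    candidate = canonicalize(ntpath.join(root, relative))
    inside = candidate == root or candidate.startswith(root + ntpath.sep)
    return inside, candidate


if __name__ == "__main__":
    # Constructed sample requests: one legitimate, two that escape the root.
    for req in ("/test1/test2/test.asp",
                "/test1/../../../test.dat",
                "/test1/%2e%2e/%2e%2e/test.dat"):
        ok, phys = map_virtual_to_physical(WEB_ROOT, req)
        print(f"{req:32} -> {phys:42} {'allowed' if ok else 'REJECTED'}")
```

Any authorization rule (virtual directory permissions, script mappings) should be evaluated against the second element of the returned tuple, never against the raw request string.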

18 Follow-Up (B) (cont'd)
First, release the information as quickly as possible, in case malicious users were already compromising web sites.
Second, and equally important, once the bulletin was released, the whole world needed to be informed as quickly as possible. Otherwise hackers would start attacking the stragglers.

19 Follow-Up (C)
MSRC decided to keep the security vulnerability problem under wraps over the weekend.
MSRC asked TAMs to support the patch installation on customers' machines.

20 Question
How could Culp solve this security problem before attackers compromised Web sites running MS IIS?
Should he take a calculated risk and wait an extra day in order to prepare the patch in multiple languages?
