Results for microsoft

Threat Research

“BlueKeep” Vulnerability (CVE-2019-0708) within Cloud/Datacenter Machines: How to Safeguard Yourself?

Recently, FortiGuard Labs conducted its own research on Microsoft Azure datacenter IP ranges and found several instances of unpatched machines still vulnerable to the critical “BlueKeep” RDP vulnerability. Learn more about how to protect against this vulnerability.

By Kushal Arvind ShahJune 12, 2019

Threat Research

CVE-2019-0708 – Remote Desktop Protocol and Remote Code Execution #Bluekeep

The FortiGuard Labs SE Team has drafted a brief Threat Advisory alerting customers to immediately apply the latest patches from Microsoft for CVE-2019-0708 on any affected machines, read for more information.

By FortiGuard SE TeamMay 23, 2019

Threat Research

Patch Your Microsoft Windows and Office: Fortinet Discovers Three Zero-Day Remote Code Execution Vulnerabilities

On the April 9, 2019 Patch Tuesday, Microsoft released patches for several vulnerabilities in Windows and Office. Three of them were discovered and reported by FortiGuard Labs researcher Honggang Ren by following Fortinet’s responsible disclosure process.

By Honggang Ren April 10, 2019

Business and Technology | Partners

Visit Fortinet on the Microsoft Ignite World Tour

Fortinet is a Global Platinum Sponsor of the 2019 Microsoft Ignite world tour visiting cities all over the world. Fortinet will have a team of experts onsite at each city on the tour, speaking, giving live demos, etc.

By FortinetFebruary 07, 2019

Threat Research

Microsoft Windows JET Engine Msrd3x Code Execution Vulnerability

Fortinet's FortiGuard Labs discovered a code execution vulnerability in Windows JET Engine Msrd3x40 and reported it to Microsoft. On patch Tuesday of January 2019, Microsoft released a Security Bulletin that contains the fix for this vulnerability and identifies it as CVE-2019-0538.

By Honggang Ren January 11, 2019

Threat Research

A Deep Analysis of the Microsoft Outlook Vulnerability CVE-2018-8587

This blog is a detailed analysis of a Heap Corruption vulnerability in Office Outlook assigned the vulnerability identifier CVE-2018-8587.

By Yonghui Han December 16, 2018

Threat Research

RPC Bug Hunting Case Studies – Part 1

FortiGuard Labs believes that understanding how this attack works will significantly help other researchers find vulnerabilities similar to the bug that SandboxEscaper found in the Windows Task Scheduler. In this blog post, we will discuss our approach to finding privilege escalation by abusing a symbolic link on an RPC server.

By Wayne Chin Yick LowDecember 05, 2018

Threat Research

Patch Your Microsoft Outlook: Fortinet Discovered Four Outlook Remote Code Execution Vulnerabilities

This Patch Tuesday, November 13, 2018, Microsoft patched six vulnerabilities discovered in Microsoft Outlook. Four of them were discovered and reported on by Fortinet researcher Yonghui Han by following Fortinet’s responsible disclosure process.

By Yonghui HanNovember 13, 2018

Threat Research

An Analysis of Microsoft Edge Chakra JavascriptArray TypeId Handling Memory Corruption (CVE-2018-8467)

FortiGuard Labs looks deeply into the Microsoft Edge Chakra Engine assembly codes to expose the root cause of this vulnerability and figures out the common exploits used by this kind of ‘Type Confusion’.

By Dehui YinOctober 19, 2018

Threat Research

Microsoft JET Database Engine Code Execution Vulnerability

FortiGuard Labs discovered a code execution vulnerability in the Windows JET Database Engine and reported it to Microsoft using the responsible disclosure process. On the patch Tuesday of September 2018, Microsoft released a Security Advisory that contains the fix for this vulnerability, identifying it as CVE-2018-8392.

By Honggang RenSeptember 14, 2018