{"id":4309,"date":"2023-12-08T08:01:16","date_gmt":"2023-12-07T23:01:16","guid":{"rendered":"https:\/\/m365jp.xyz\/?p=4309"},"modified":"2023-12-08T08:15:42","modified_gmt":"2023-12-07T23:15:42","slug":"servicerestored-dz696339-microsoft-365-defender-users-may-see-an-increase-of-a-specific-alert-in-the-security-microsoft-com-portal","status":"publish","type":"post","link":"https:\/\/m365jp.net\/index.php\/2023-12-08-servicerestored-dz696339-microsoft-365-defender-users-may-see-an-increase-of-a-specific-alert-in-the-security-microsoft-com-portal","title":{"rendered":"[serviceRestored] DZ696339 | Microsoft 365 Defender | Users may see an increase of a specific alert in the security.microsoft.com portal"},"content":{"rendered":"<div class=\"postie-post\">\n<div>\n<hr>\n<table id=\"section\">\n<tbody>\n<tr>\n<th width=\"95%\">DZ696339 | Microsoft 365 Defender | Users may see an increase of a specific alert in the security.microsoft.com portal<\/th>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr>\n<table id=\"data\">\n<tbody>\n<tr>\n<th>Status<\/th>\n<td class=\"bad\">serviceRestored<\/td>\n<\/tr>\n<tr>\n<th>Classification<\/th>\n<td>advisory<\/td>\n<\/tr>\n<tr>\n<th>User Impact<\/th>\n<td>Users may have seen an increase of a specific alert in the security.microsoft.com portal.<\/td>\n<\/tr>\n<tr>\n<th>Last Updated<\/th>\n<td>12\/07\/2023 22:39:28<\/td>\n<\/tr>\n<tr>\n<th>Start Time<\/th>\n<td>12\/05\/2023 00:00:00<\/td>\n<\/tr>\n<tr>\n<th>End Time<\/th>\n<td>12\/07\/2023 22:15:00<\/td>\n<\/tr>\n<tr>\n<th>Latest Message<\/th>\n<td>Title: Users may see an increase of a specific alert in the security.microsoft.com portal<\/p>\n<p>  User impact: Users may have seen an increase of a specific alert in the security.microsoft.com portal.<\/p>\n<p>  More info: Impacted users saw the following alert, &#8220;Suspected Netlogon privilege elevation attempt (CVE-2020-1472 exploitation)&#8221;.<\/p>\n<p>  Final status: We&#8217;ve completed deploying the code fix and confirmed with internal telemetry that the issue is resolved.  <\/p>\n<p>  Scope of impact: Any user accessing the security.microsoft.com portal may have seen the &#8220;Suspected Netlogon privilege elevation attempt (CVE-2020-1472 exploitation)&#8221; alert repeatedly.<\/p>\n<p>  Start time: Tuesday, December 5, 2023, at 12:00 AM UTC<\/p>\n<p>  End time: Thursday, December 7, 2023, at 10:15 PM UTC<\/p>\n<p>  Root cause: A code issue was introduced in a recent deployment that was intended to improve our false-positive detection coverage, which was resulting in users seeing an increase delivery of the specific alert in the security.microsoft.com portal.<\/p>\n<p>  Next Steps:<br \/>  &#8211; We&#8217;re further reviewing the recent deployment to understand how the code issue was introduced, and to understand what prevented it from being detected in our update testing and validation procedures, which will allow us to prevent similar issues in future   updates.<\/p>\n<p>  This is the final update for the event.<\/td>\n<\/tr>\n<tr>\n<th>Machine Translation<\/th>\n<td>\u30bf\u30a4\u30c8\u30eb: \u30e6\u30fc\u30b6\u30fc\u306b\u306f\u3001security.microsoft.com \u30dd\u30fc\u30bf\u30eb\u3067\u7279\u5b9a\u306e\u30a2\u30e9\u30fc\u30c8\u306e\u5897\u52a0\u304c\u8868\u793a\u3055\u308c\u308b\u5834\u5408\u304c\u3042\u308a\u307e\u3059<\/p>\n<p>  \u30e6\u30fc\u30b6\u30fc\u3078\u306e\u5f71\u97ff: \u30e6\u30fc\u30b6\u30fc\u306f\u3001security.microsoft.com \u30dd\u30fc\u30bf\u30eb\u3067\u7279\u5b9a\u306e\u30a2\u30e9\u30fc\u30c8\u306e\u5897\u52a0\u3092\u78ba\u8a8d\u3057\u305f\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<p>  \u8a73\u7d30\u60c5\u5831: \u5f71\u97ff\u3092\u53d7\u3051\u305f\u30e6\u30fc\u30b6\u30fc\u306b\u306f\u3001&#8221;Netlogon \u7279\u6a29\u6607\u683c\u306e\u8a66\u307f\u306e\u53ef\u80fd\u6027 (CVE-2020-1472 \u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8)&#8221; \u3068\u3044\u3046\u30a2\u30e9\u30fc\u30c8\u304c\u8868\u793a\u3055\u308c\u307e\u3057\u305f\u3002<\/p>\n<p>  \u6700\u7d42\u72b6\u614b: \u30b3\u30fc\u30c9\u4fee\u6b63\u30d7\u30ed\u30b0\u30e9\u30e0\u306e\u30c7\u30d7\u30ed\u30a4\u304c\u5b8c\u4e86\u3057\u3001\u554f\u984c\u304c\u89e3\u6c7a\u3055\u308c\u305f\u3053\u3068\u304c\u5185\u90e8\u30c6\u30ec\u30e1\u30c8\u30ea\u3067\u78ba\u8a8d\u3055\u308c\u307e\u3057\u305f\u3002<\/p>\n<p>  \u5f71\u97ff\u7bc4\u56f2: security.microsoft.com \u30dd\u30fc\u30bf\u30eb\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b\u3059\u3079\u3066\u306e\u30e6\u30fc\u30b6\u30fc\u306b\u3001&#8221;Netlogon \u7279\u6a29\u6607\u683c\u306e\u8a66\u307f\u306e\u53ef\u80fd\u6027 (CVE-2020-1472 \u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8)&#8221; \u3068\u3044\u3046\u30a2\u30e9\u30fc\u30c8\u304c\u7e70\u308a\u8fd4\u3057\u8868\u793a\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<p>  \u958b\u59cb\u6642\u523b: 2023 \u5e74 12 \u6708 5 \u65e5 (\u706b) 12:00 AM UTC<\/p>\n<p>  \u7d42\u4e86\u6642\u523b: 2023 \u5e74 12 \u6708 7 \u65e5 (\u6728) \u5348\u5f8c 10 \u6642 15 \u5206 (UTC)<\/p>\n<p>  \u6839\u672c\u539f\u56e0: \u8aa4\u691c\u77e5\u691c\u51fa\u306e\u7bc4\u56f2\u3092\u6539\u5584\u3059\u308b\u3053\u3068\u3092\u76ee\u7684\u3068\u3057\u305f\u6700\u8fd1\u306e\u30c7\u30d7\u30ed\u30a4\u3067\u30b3\u30fc\u30c9\u306e\u554f\u984c\u304c\u767a\u751f\u3057\u3001\u305d\u306e\u7d50\u679c\u3001security.microsoft.com \u30dd\u30fc\u30bf\u30eb\u3067\u7279\u5b9a\u306e\u30a2\u30e9\u30fc\u30c8\u306e\u914d\u4fe1\u304c\u5897\u52a0\u3057\u3066\u3044\u307e\u3057\u305f\u3002<\/p>\n<p>  \u6b21\u306e\u30b9\u30c6\u30c3\u30d7:<br \/>  &#8211; \u30b3\u30fc\u30c9\u306e\u554f\u984c\u304c\u3069\u306e\u3088\u3046\u306b\u767a\u751f\u3057\u305f\u304b\u3092\u7406\u89e3\u3057\u3001\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u306e\u30c6\u30b9\u30c8\u3068\u691c\u8a3c\u306e\u624b\u9806\u3067\u691c\u51fa\u3067\u304d\u306a\u304b\u3063\u305f\u539f\u56e0\u3092\u7406\u89e3\u3059\u308b\u305f\u3081\u306b\u3001\u6700\u8fd1\u306e\u30c7\u30d7\u30ed\u30a4\u3092\u3055\u3089\u306b\u78ba\u8a8d\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>  \u3053\u308c\u304c\u30a4\u30d9\u30f3\u30c8\u306e\u6700\u7d42\u66f4\u65b0\u3067\u3059\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>DZ696339 | Microsoft 365 Defender | Users may see an increase of a specific alert in the security.microsoft.co [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-4309","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/4309","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/comments?post=4309"}],"version-history":[{"count":0,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/4309\/revisions"}],"wp:attachment":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/media?parent=4309"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/categories?post=4309"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/tags?post=4309"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}