![]() CVE-2022-41033, an Elevation of Privilege vulnerability affecting the COM+ Event System Service in all supported versions of Windows, has been seen exploited in the wild. Microsoft did address two other zero-day vulnerabilities with today’s patches. Reports are also surfacing about an additional zero-day distinct from these being used in ransomware attacks however, these have not yet been substantiated. Thankfully, the impact should be more limited than 2021’s ProxyShell and ProxyLogon vulnerabilities due to attackers needing to be authenticated to the server for successful exploitation. This whack-a-mole approach seems likely to continue until a proper patch addressing the root causes is available unfortunately, it doesn’t look like that will be happening today. While Microsoft was relatively quick to acknowledge the vulnerabilities and provide mitigation steps, their guidance has continually changed as the recommended rules to block attack traffic get bypassed. Top of mind for many this month is whether Microsoft would patch the two Exchange Server zero-day vulnerabilities ( CVE-2022-41040 and CVE-2022-41082) disclosed at the end of September. The October batch of CVEs published by Microsoft includes 96 vulnerabilities, including 12 fixed earlier this month that affect the Chromium project used by their Edge browser. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |