Lucene search
K

14 matches found

CISA
CISA
added 2022/05/13 12:0 a.m.117 views

CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog

CISA is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication failures when the May 10, 2022 Microsoft rollup update is applied to domain controllers. After installing May 10, 2022 rollup update on domain controllers, organizations migh...

4.3CVSS2.1AI score0.10461EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2022/05/11 2:36 p.m.110 views

Update now! Microsoft releases patches, including one for actively exploited zero-day

Microsoft has released patches for 74 security problems, including fixes for seven “critical” vulnerabilities, and an actively exploited zero-day vulnerability that affects all supported versions of Windows. First, well look at the actively exploited zero-day. Then well discuss two zero-days that...

9.3CVSS2AI score0.80933EPSS
Exploits3
ThreatPost
ThreatPost
added 2022/05/11 11:12 a.m.135 views

Actively Exploited Zero-Day Bug Patched by Microsoft

Microsoft has revealed 73 new patches for May’s monthly update of security fixes, including a patch for one flaw–a zero-day Windows LSA Spoofing Vulnerability rated as “important”—that is currently being exploited with man-in-the-middle attacks. The software giant’s monthly update of patches that...

10CVSS9.2AI score0.91316EPSS
Exploits17References16
The Hacker News
The Hacker News
added 2022/05/11 5:29 a.m.194 views

Microsoft Releases Fix for New Zero-Day with May 2022 Patch Tuesday Updates

Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as...

10CVSS1.2AI score0.91316EPSS
Exploits18
Circl
Circl
added 2022/05/11 4:0 a.m.14 views

CVE-2022-26925

creationtimestamp| type| source ---|---|--- 2022-05-11 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=801 2022-05-11 08:29:32+00:00| exploited| https://t.me/cKure/9501 2022-05-11 16:04:01+00:00| seen| https://t.me/truesecator/2928 2022-05-17 16:15:03+00:00| exploited|...

8.1CVSS7AI score0.10461EPSS
Exploits0References13
Krebs on Security
Krebs on Security
added 2022/05/11 2:34 a.m.322 views

Microsoft Patch Tuesday, May 2022 Edition

Microsoft today released updates to fix at least 74 separate security problems in its Windows operating systems and related software. This months patch batch includes fixes for seven "critical" flaws, as well as a zero-day vulnerability that affects all supported versions of Windows. By all...

7.5CVSS0.4AI score0.76766EPSS
Exploits7
OpenVAS
OpenVAS
added 2022/05/11 12:0 a.m.31 views

Microsoft Windows Multiple Vulnerabilities (KB5014012)

This host is missing an important security update according to Microsoft KB5014012 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

9.8CVSS7.5AI score0.80933EPSS
Exploits3References3
OSV
OSV
added 2022/05/10 9:15 p.m.3 views

CVE-2022-26925

Windows LSA Spoofing Vulnerability...

5.9CVSS7.2AI score0.10461EPSS
Exploits0References3
NVD
NVD
added 2022/05/10 9:15 p.m.27 views

CVE-2022-26925

Windows LSA Spoofing Vulnerability...

8.1CVSS0.10461EPSS
Exploits0References3
CVE
CVE
added 2022/05/10 8:33 p.m.1227 views

CVE-2022-26925

CVE-2022-26925 is a Windows Local Security Authority (LSA) spoofing vulnerability. The issue allows an unauthenticated attacker to coerce a domain controller to authenticate to the attacker using NTLM by calling a method on the LSARPC interface, enabling potential credential exposure in an NTLM-r...

8.1CVSS7.5AI score0.10461EPSS
In wildExploits0References3Affected Software17
Cvelist
Cvelist
added 2022/05/10 8:33 p.m.36 views

CVE-2022-26925 Windows LSA Spoofing Vulnerability

...

8.1CVSS9.1AI score0.10461EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2022/05/10 7:59 p.m.158 views

Patch Tuesday - May 2022

This month is par for the course in terms of both number and severity of vulnerabilities being patched by Microsoft. That means there’s plenty of work to be done by system and network administrators, as usual. There is one 0-day this month: CVE-2022-26925, a Spoofing vulnerability in the Windows...

9.3CVSS0.6AI score0.83277EPSS
Exploits12
Qualys Blog
Qualys Blog
added 2022/05/10 7:29 p.m.225 views

May 2022 Patch Tuesday | Microsoft Releases 75 Vulnerabilities with 8 Critical; Adobe Releases 5 Advisories, 18 Vulnerabilities with 16 Critical.

Microsoft Patch Tuesday Summary Microsoft has fixed 75 vulnerabilities in the May 2022 update, including one advisory ADV2200011 for Azure in response to CVE-2022-29972, a publicly exposed Zero-Day Remote Code Execution RCE Vulnerability, and eight 8 vulnerabilities classified as Critical as they...

9.3CVSS0.5AI score0.83277EPSS
Exploits11
VulnCheck KEV
VulnCheck KEV
added 2022/05/10 12:0 a.m.2 views

VulnCheck KEV: CVE-2022-26925

Microsoft Windows Local Security Authority LSA contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM...

8.1CVSS7AI score0.10461EPSS
Exploits0References1
Rows per page
Query Builder