Lucene search
+L

8 matches found

The Hacker News
The Hacker News
added 2022/01/12 6:42 a.m.170 views

First Patch Tuesday of 2022 Brings Fix for a Critical 'Wormable' Windows Vulnerability

Microsoft on Tuesday kicked off its first set of updates for 2022 by plugging 96 security holes across its software ecosystem, while urging customers to prioritize patching for what it calls a critical "wormable" vulnerability. Of the 96 vulnerabilities, nine are rated Critical and 89 are rated...

10CVSS0.6AI score0.9279EPSS
Exploits24
Circl
Circl
added 2022/01/12 4:0 a.m.7 views

CVE-2022-21836

creationtimestamp| type| source ---|---|--- 2022-01-12 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=715 2022-01-12 13:10:46+00:00| published-proof-of-concept| https://t.me/poxek/449 2022-01-12 14:49:26+00:00| seen| https://t.me/NeKaspersky/1670 2022-01-12 17:30:00+00:00...

7.8CVSS8.6AI score0.00704EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2022/01/11 9:54 p.m.83 views

Microsoft Faces Wormable, Critical RCE Bug & 6 Zero-Days

Microsoft has addressed a total of 97 security vulnerabilities in its January 2022 Patch Tuesday update – nine of them rated critical – including six that are listed as publicly known zero-days. The fixes cover a swath of the computing giant’s portfolio, including: Microsoft Windows and Windows...

10CVSS9.2AI score0.9279EPSS
Exploits24References22
NVD
NVD
added 2022/01/11 9:15 p.m.24 views

CVE-2022-21836

Windows Certificate Spoofing Vulnerability...

7.8CVSS0.00704EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/01/11 8:22 p.m.17 views

CVE-2022-21836 Windows Certificate Spoofing Vulnerability

...

7.8CVSS7.2AI score0.00704EPSS
Exploits0References1
CVE
CVE
added 2022/01/11 8:22 p.m.204 views

CVE-2022-21836

CVE-2022-21836 is a Windows kernel-level spoofing flaw that could bypass WPBT verification by presenting a small number of compromised certificates. Microsoft mitigated this by adding those certificates to the Windows kernel driver block list, blocking them even if present in WPBT. The CVE is dis...

7.8CVSS8.6AI score0.00704EPSS
Exploits0References2Affected Software9
Tenable Nessus
Tenable Nessus
added 2022/01/11 12:0 a.m.99 views

KB5009557: Windows 10 Version 1809 and Windows Server 2019 Security Update (January 2022)

The remote Windows host is missing security update 5009557. It is, therefore, affected by multiple vulnerabilities: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2022-21836 - A denial of service DoS vulnerabilit...

10CVSS7.8AI score0.9279EPSS
Exploits33References83
Tenable Nessus
Tenable Nessus
added 2022/01/11 12:0 a.m.53 views

KB5009543: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (January 2022)

The remote Windows host is missing security update 5009543. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2022-21849, CVE-2022-21850,...

10CVSS7.8AI score0.9279EPSS
Exploits33References82
Rows per page
Query Builder